Unrated severityNVD Advisory· Published Mar 28, 2019· Updated Nov 21, 2024
Cisco IOS XE Software Command Injection Vulnerability
CVE-2019-1755
Description
A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker could exploit this vulnerability by submitting crafted HTTP requests to the targeted application. A successful exploit could allow the attacker to execute arbitrary commands on the affected device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 3.6.10E
Patches
Vulnerability mechanics
References
2- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-cmdinjmitrevendor-advisoryx_refsource_CISCO
- www.securityfocus.com/bid/107380mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.