cvedb.io
CVE-2019-1745
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2019-03-28T00:29:00.530 · Last modified 2026-06-17T02:29:11.310

Summary

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected commands. An exploit could allow the attacker to gain root privileges on the affected device.

Affected products

cisco — ios_xe

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.