Vulnerability Details CVE-2019-1733
A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the NX-API Sandbox interface. An attacker could exploit this vulnerability by persuading a user of the NX-API Sandbox interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected NX-API Sandbox interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.7%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2019-1733
-
cpe:2.3:h:cisco:nexus_3000:-
-
cpe:2.3:h:cisco:nexus_3100-z:-
-
cpe:2.3:h:cisco:nexus_3100:-
-
cpe:2.3:h:cisco:nexus_3100v:-
-
cpe:2.3:h:cisco:nexus_3200:-
-
cpe:2.3:h:cisco:nexus_3400:-
-
cpe:2.3:h:cisco:nexus_3500:-
-
cpe:2.3:h:cisco:nexus_3524-x:-
-
cpe:2.3:h:cisco:nexus_3524-xl:-
-
cpe:2.3:h:cisco:nexus_3548-x:-
-
cpe:2.3:h:cisco:nexus_3548-xl:-
-
cpe:2.3:h:cisco:nexus_3600:-
-
cpe:2.3:h:cisco:nexus_9000:-
-
cpe:2.3:h:cisco:nexus_9200:-
-
cpe:2.3:h:cisco:nexus_9300:-
-
cpe:2.3:h:cisco:nexus_9500:-
-
cpe:2.3:o:cisco:nx-os:7.0(3)i7
-
cpe:2.3:o:cisco:nx-os:7.0(3)i7(1)
-
cpe:2.3:o:cisco:nx-os:7.0(3)i7(2)
-
cpe:2.3:o:cisco:nx-os:7.0(3)i7(3)
-
cpe:2.3:o:cisco:nx-os:7.0(3)i7(3z)