How severe is CVE-2019-1618?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2019-1618?

This is classified as CWE-275, which is a common weakness in software security.

CVE-2019-1618 - HIGH Severity | CVSS 7.8

Vulnerability Description

A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to an incorrect permissions setting. An attacker could exploit this vulnerability by replacing valid agent files with malicious code. A successful exploit could result in the execution of code supplied by the attacker. Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running versions prior to 7.0(3)I7(5).

Related Vulnerabilities

CVE-2015-8300

HIGH

CVSS:7.8(High)

Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges...

CWE-2752015

CVE-2016-7382

HIGH

CVSS:7.8(High)

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a m...

CWE-2752016

CVE-2016-8732

HIGH

CVSS:7.8(High)

Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. Weak restrictions on the driver communication channel and additional insufficient ...

CWE-2752016

CVE-2016-8856

HIGH

CVSS:7.8(High)

Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux 2.1.0.0805 and earlier suffered from a vulnerability where weak file permissions could be exploited by attackers to execute arbit...

CWE-2752016

CVE-2017-18390

HIGH

CVSS:7.8(High)

cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322).

CWE-2752017

CVE-2019-11145

HIGH

CVSS:7.8(High)

Improper file verification in Intel® Driver & Support Assistant before 19.7.30.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-2752019