How severe is CVE-2019-1812?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2019-1812?

This is classified as CWE-347, which is a common weakness in software security.

CVE-2019-1812

MEDIUM Year: 2019

CVSS v3 Score

6.7

Medium

CVSS v2 Score

7.2

High

Weakness Type

CWE-347

View all →

Vulnerability Description

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.

CVE-2017-12331

MEDIUM

CVSS:6.7(Medium)

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-...

CWE-3472017

CVE-2017-12333

MEDIUM

CVSS:6.7(Medium)

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-...

CWE-3472017

CVE-2017-8190

MEDIUM

CVSS:6.7(Medium)

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high priv...

CWE-3472017

CVE-2018-15374

MEDIUM

CVSS:6.7(Medium)

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnera...

CWE-3472018

CVE-2019-12649

MEDIUM

CVSS:6.7(Medium)

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on a...

CWE-3472019

CVE-2019-12662

MEDIUM

CVSS:6.7(Medium)

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service imag...

CWE-3472019

CVE-2019-1812

Vulnerability Description

Related Vulnerabilities

CVE-2017-12331

CVE-2017-12333

CVE-2017-8190

CVE-2018-15374

CVE-2019-12649

CVE-2019-12662