思科发布了关于 Cisco NX-OS 和 FXOS 软件中多个漏洞的安全通告，涉及 LDAP 拒绝服务、Bash Shell 权限提升、802.1X EAP over LAN 拒绝服务、Bash Shell 基于角色的访问控制绕过权限提升、Netstack 拒绝服务、NX-API 任意代码执行、CLI 命令注入以及图像签名验证等漏洞。这些漏洞可能导致攻击者远程控制受影响的设备，建议用户尽快更新到最新版本，并采取相应的安全措施。

👨‍💻 **LDAP 拒绝服务漏洞:** 攻击者可通过发送特制 LDAP 请求导致受影响设备拒绝服务，影响产品包括 Firepower 4100 系列下一代防火墙、Firepower 9300 安全设备、MDS 9000 系列多层交换机、Nexus 3000 系列交换机、Nexus 3500 平台交换机、Nexus 7000 系列交换机、Nexus 7700 系列交换机、独立 NX-OS 模式下的 Nexus 9000 系列交换机、UCS 6200 系列结构互连以及 UCS 6300 系列结构互连。

🔓 **Bash Shell 权限提升漏洞:** 攻击者可利用此漏洞提升其权限，影响产品包括 Nexus 3000 系列交换机、Nexus 3500 平台交换机、Nexus 3600 平台交换机、独立 NX-OS 模式下的 Nexus 9000 系列交换机、Nexus 9500 R 系列线路卡和结构模块。

⚠️ **802.1X EAP over LAN 拒绝服务漏洞:** 攻击者可通过发送特制 EAP over LAN 消息导致受影响设备拒绝服务，影响产品包括适用于 VMware vSphere 的 Nexus 1000V 交换机、Nexus 2000 系列结构扩展器、Nexus 3000 系列交换机、Nexus 3500 平台交换机、Nexus 5500 平台交换机、Nexus 5600 平台交换机、Nexus 6000 系列交换机、Nexus 7000 系列交换机、Nexus 7700 系列交换机、应用中心基础设施 (ACI) 模式下的 Nexus 9000 系列结构交换机、独立 NX-OS 模式下的 Nexus 9000 系列交换机。

🛡️ **Bash Shell 基于角色的访问控制绕过权限提升漏洞:** 攻击者可利用此漏洞绕过基于角色的访问控制，提升其权限，影响产品包括 Nexus 3000 系列交换机、Nexus 3500 平台交换机、Nexus 3600 平台交换机、Nexus 7000 系列交换机、Nexus 7700 系列交换机、应用中心基础设施 (ACI) 模式下的 Nexus 9000 系列结构交换机、独立 NX-OS 模式下的 Nexus 9000 系列交换机、Nexus 9500 R 系列线路卡和结构模块。

💥 **Netstack 拒绝服务漏洞:** 攻击者可通过发送特制网络数据包导致受影响设备拒绝服务，影响产品包括适用于 Microsoft Hyper-V 的 Nexus 1000V 交换机、适用于 VMware vSphere 的 Nexus 1000V 交换机、Nexus 3000 系列交换机、Nexus 3500 平台交换机、Nexus 3600 平台交换机、Nexus 5500 平台交换机、Nexus 5600 平台交换机、Nexus 6000 系列交换机、Nexus 7000 系列交换机、Nexus 7700 系列交换机、独立 NX-OS 模式下的 Nexus 9000 系列交换机、Nexus 9500 R 系列线路卡和结构模块、UCS 6200 系列结构互连、UCS 6300 系列结构互连、UCS 6400 系列结构互连。

💻 **NX-API 任意代码执行漏洞:** 攻击者可利用此漏洞在受影响设备上执行任意代码，影响产品包括 MDS 9000 系列多层交换机、Nexus 2000 系列结构扩展器、Nexus 3000 系列交换机、Nexus 3500 平台交换机、Nexus 3600 平台交换机、Nexus 5500 平台交换机、Nexus 5600 平台交换机、Nexus 6000 系列交换机、Nexus 7000 系列交换机、Nexus 7700 系列交换机、独立 NX-OS 模式下的 Nexus 9000 系列交换机、Nexus 9500 R 系列线路卡和结构模块。

🚨 **CLI 命令注入漏洞:** 攻击者可利用此漏洞在受影响设备上执行任意命令，影响产品包括 Nexus 3000 系列交换机、Nexus 3500 平台交换机、Nexus 9000 系列交换机（独立 NX-OS 模式）、Nexus 7000 系列交换机、Nexus 7700 系列交换机、MDS 9000 系列多层交换机。

🔐 **图像签名验证漏洞:** 攻击者可利用此漏洞绕过图像签名验证，安装恶意固件，影响产品包括 Nexus 9000 系列交换机（独立 NX-OS 模式）

cisco-sa-20190306-nxosldap Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities CVE-2019-1597 CVE-2019-1598 High 8.6 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20190306-nxos-pe Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability CVE-2019-1596 High 7.8 Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nx-os-lan-auth Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability CVE-2019-1594 High 7.4 Nexus 1000V Switch for VMware vSphere Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Nexus 9000 Series Switches in standalone NX-OS mode cisco-sa-20190306-nx-os-bash-escal Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability CVE-2019-1593 High 7.8 Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-netstack Cisco NX-OS Software Netstack Denial of Service Vulnerability CVE-2019-1599 High 8.6 Nexus 1000V Switch for Microsoft Hyper-V Nexus 1000V Switch for VMware vSphere Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects UCS 6400 Series Fabric Interconnects cisco-sa-20190306-nx-os-api-ex Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability CVE-2019-1605 High 7.8 MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-cmdinj-1606 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606) CVE-2019-1606 High 5.3 Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 9000 Series Switches in standalone NX-OS mode cisco-sa-20190306-nxos-cmdinj-1607 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607) CVE-2019-1607 High 4.2 Nexus 7000 Series Switches Nexus 7700 Series Switches cisco-sa-20190306-nxos-cmdinj-1608 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1608) CVE-2019-1608 High 4.2 MDS 9000 Series Multilayer Switches Nexus 7000 Series Switches Nexus 7700 Series Switches cisco-sa-20190306-nxos-cmdinj-1609 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609) CVE-2019-1609 High 4.2 MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-cmdinj-1610 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1610) CVE-2019-1610 High 4.2 Nexus 3000 Series Switches Nexus 3500 Platform Switches cisco-sa-20190306-nxos-cmdinj-1611 Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611) CVE-2019-1611 High 4.2 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-cmdinj-1612 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612) CVE-2019-1612 High 4.2 Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-cmdinj-1613 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613) CVE-2019-1613 High 4.2 MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-aci-shell-escape Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Escape Vulnerability CVE-2019-1591 High 7.8 Nexus 9000 Series ACI Mode Switches cisco-sa-20190306-nxos-NXAPI-cmdinj Cisco NX-OS Software NX-API Command Injection Vulnerability CVE-2019-1614 High 8.8 MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode cisco-sa-20190306-nxos-sig-verif Cisco NX-OS Software Image Signature Verification Vulnerability CVE-2019-1615 High 6.7 Nexus 3000 Series Switches Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-directory Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability CVE-2019-1600 High 6.7 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-npv-dos Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Fibre Channel over Ethernet NPV Denial of Service Vulnerability CVE-2019-1617 High 7.4 Nexus 9000 Series Switches in standalone NX-OS mode cisco-sa-20190306-nxos-fabric-dos Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability CVE-2019-1616 High 8.6 MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects UCS 6400 Series Fabric Interconnects cisco-sa-20190306-nxos-file-access Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability CVE-2019-1601 High 7.8 MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 2000 Series Fabric Extenders Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-escalation Cisco NX-OS Software Privilege Escalation Vulnerability CVE-2019-1602 High 7.8 Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-privesc Cisco NX-OS Software Privilege Escalation Vulnerability CVE-2019-1603 High 7.8 Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-nxos-privesca Cisco NX-OS Software Privilege Escalation Vulnerability CVE-2019-1604 High 7.3 Nexus 3000 Series Switches Nexus 3500 Series Switches Nexus 3600 Platform Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20190306-tetra-ace Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Tetration Analytics Agent Arbitrary Code Execution Vulnerability CVE-2019-1618 High 7.8 Nexus 9000 Series Switches in standalone NX-OS mode