CVE-2019-1962

Published: Aug 28, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a malicious Cisco Fabric Services TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition. Note: There are three distribution methods that can be configured for Cisco Fabric Services. This vulnerability affects only distribution method CFSoIP, which is disabled by default. See the Details section for more information.

Affected (12)

Products: Cisco: Nx Os

Cisco

1 product

Nx Os

Configuration A

2 vulnerable · 16 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	From 5.2 to 6.2\(29\)
Cisco Nx Os	From 7.3 to 8.1

Running on/with	Platform Versions
Cisco Mds 9132t	All versions
Cisco Mds 9148s	All versions
Cisco Mds 9148t	All versions
Cisco Mds 9216	All versions
Cisco Mds 9216a	All versions
Cisco Mds 9216i	All versions
Cisco Mds 9222i	All versions
Cisco Mds 9250i	All versions
Cisco Mds 9396s	All versions
Cisco Mds 9396t	All versions
Cisco Mds 9506	All versions
Cisco Mds 9509	All versions
Cisco Mds 9513	All versions
Cisco Mds 9706	All versions
Cisco Mds 9710	All versions
Cisco Mds 9718	All versions

Configuration B

1 vulnerable · 12 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	From 7.0\(3\)f to 9.2

Running on/with	Platform Versions
Cisco N9k C9504 Fm R	All versions
Cisco N9k C9508 Fm R	All versions
Cisco N9k X96136yc R	All versions
Cisco N9k X9636c R	All versions
Cisco N9k X9636c Rx	All versions
Cisco N9k X9636q R	All versions
Cisco Nexus 36180yc R	All versions
Cisco Nexus 3636c R	All versions
Cisco X96136yc R	All versions
Cisco X9636c R	All versions
Cisco X9636c Rx	All versions
Cisco X9636q R	All versions

Configuration C

2 vulnerable · 14 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Before 7.1\(5\)n1\(1b\)
Cisco Nx Os	From 7.3 to 7.3\(5\)n1\(1\)

Running on/with	Platform Versions
Cisco Nexus 5010	All versions
Cisco Nexus 5020	All versions
Cisco Nexus 5548p	All versions
Cisco Nexus 5548up	All versions
Cisco Nexus 5596t	All versions
Cisco Nexus 5596up	All versions
Cisco Nexus 56128p	All versions
Cisco Nexus 5624q	All versions
Cisco Nexus 5648q	All versions
Cisco Nexus 5672up	All versions
Cisco Nexus 5672up 16g	All versions
Cisco Nexus 5696q	All versions
Cisco Nexus 6001	All versions
Cisco Nexus 6004	All versions

Configuration D

2 vulnerable · 28 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Before 6.2\(22\)
Cisco Nx Os	From 7.2 to 7.3\(4\)d1\(1\)

Running on/with	Platform Versions
Cisco 7000 10 Slot	All versions
Cisco 7000 18 Slot	All versions
Cisco 7000 4 Slot	All versions
Cisco 7000 9 Slot	All versions
Cisco 7700 10 Slot	All versions
Cisco 7700 18 Slot	All versions
Cisco 7700 2 Slot	All versions
Cisco 7700 6 Slot	All versions
Cisco N77 F312ck 26	All versions
Cisco N77 F324fq 25	All versions
Cisco N77 F348xp 23	All versions
Cisco N77 F430cq 36	All versions
Cisco N77 M312cq 26l	All versions
Cisco N77 M324fq 25l	All versions
Cisco N77 M348xp 23l	All versions
Cisco N7k F248xp 25e	All versions
Cisco N7k F306ck 25	All versions
Cisco N7k F312fq 25	All versions
Cisco N7k M202cf 22l	All versions
Cisco N7k M206fq 23l	All versions
Cisco N7k M224xp 23l	All versions
Cisco N7k M324fq 25l	All versions
Cisco N7k M348xp 25l	All versions
Cisco Nexus 7000 Supervisor 1	All versions
Cisco Nexus 7000 Supervisor 2	All versions
Cisco Nexus 7000 Supervisor 2e	All versions
Cisco Nexus 7700 Supervisor 2e	All versions
Cisco Nexus 7700 Supervisor 3e	All versions

Configuration E

1 vulnerable · 9 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Before 7.0\(3\)i4\(9\)

Running on/with	Platform Versions
Cisco N9k C92160yc X	All versions
Cisco N9k C9236c	All versions
Cisco N9k C9272q	All versions
Cisco N9k C93180lc Ex	All versions
Cisco N9k C93180yc Ex	All versions
Cisco N9k C93180yc Fx	All versions
Cisco N9k X9732c Ex	All versions
Cisco N9k X9736c Fx	All versions
Cisco Nexus 3048	All versions

Configuration F

2 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Before 6.0\(2\)a8\(11\)
Cisco Nx Os	From 7.0\(3\)i7 to 7.0\(3\)i7\(6\)

Running on/with	Platform Versions
Cisco Nexus 3524 X/xl	All versions
Cisco Nexus 3548 X/xl	All versions

Configuration G

2 vulnerable · 5 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Before 3.2\(3i\)
Cisco Nx Os	From 4.0 to 4.0\(2d\)

Running on/with	Platform Versions
Cisco Ucs 6296up	All versions
Cisco Ucs 6248up	All versions
Cisco Ucs 6324	All versions
Cisco Ucs 6332	All versions
Cisco Ucs 6332 16up	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos

Source: psirt@cisco.com

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.