CVE-2019-1964

Published: Aug 28, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. The vulnerability is due to improper validation of IPv6 traffic sent through an affected device. An attacker could exploit this vulnerability by sending a malformed IPv6 packet through an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition while the netstack process restarts. A sustained attack could lead to a reboot of the device.

Affected (2)

Products: Cisco: Nx Os

Cisco

1 product

Nx Os

Configuration A

2 vulnerable · 28 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	From 8.1 to 8.2\(3\)
Cisco Nx Os	From 8.3 to 8.4

Running on/with	Platform Versions
Cisco 7000 10 Slot	All versions
Cisco 7000 18 Slot	All versions
Cisco 7000 4 Slot	All versions
Cisco 7000 9 Slot	All versions
Cisco 7700 10 Slot	All versions
Cisco 7700 18 Slot	All versions
Cisco 7700 2 Slot	All versions
Cisco 7700 6 Slot	All versions
Cisco N77 F312ck 26	All versions
Cisco N77 F324fq 25	All versions
Cisco N77 F348xp 23	All versions
Cisco N77 F430cq 36	All versions
Cisco N77 M312cq 26l	All versions
Cisco N77 M324fq 25l	All versions
Cisco N77 M348xp 23l	All versions
Cisco N7k F248xp 25e	All versions
Cisco N7k F306ck 25	All versions
Cisco N7k F312fq 25	All versions
Cisco N7k M202cf 22l	All versions
Cisco N7k M206fq 23l	All versions
Cisco N7k M224xp 23l	All versions
Cisco N7k M324fq 25l	All versions
Cisco N7k M348xp 25l	All versions
Cisco Nexus 7000 Supervisor 1	All versions
Cisco Nexus 7000 Supervisor 2	All versions
Cisco Nexus 7000 Supervisor 2e	All versions
Cisco Nexus 7700 Supervisor 2e	All versions
Cisco Nexus 7700 Supervisor 3e	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ipv6-dos

Source: psirt@cisco.com

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ipv6-dos

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.