CVE-2019-1962

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a malicious Cisco Fabric Services TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition. Note: There are three distribution methods that can be configured for Cisco Fabric Services. This vulnerability affects only distribution method CFSoIP, which is disabled by default. See the Details section for more information.

CVSS v3 8.6 HIGH
CVSS v2.0 7.8 HIGH

8.6^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos	Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:mds_9132t:-:::::::*
	cpe:2.3:h:cisco:mds_9148s:-:::::::*
	cpe:2.3:h:cisco:mds_9148t:-:::::::*
	cpe:2.3:h:cisco:mds_9216:-:::::::*
	cpe:2.3:h:cisco:mds_9216a:-:::::::*
	cpe:2.3:h:cisco:mds_9216i:-:::::::*
	cpe:2.3:h:cisco:mds_9222i:-:::::::*
	cpe:2.3:h:cisco:mds_9250i:-:::::::*
	cpe:2.3:h:cisco:mds_9396s:-:::::::*
	cpe:2.3:h:cisco:mds_9396t:-:::::::*
	cpe:2.3:h:cisco:mds_9506:-:::::::*
	cpe:2.3:h:cisco:mds_9509:-:::::::*
	cpe:2.3:h:cisco:mds_9513:-:::::::*
	cpe:2.3:h:cisco:mds_9706:-:::::::*
	cpe:2.3:h:cisco:mds_9710:-:::::::*
	cpe:2.3:h:cisco:mds_9718:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:n9k-c9504-fm-r:-:::::::*
	cpe:2.3:h:cisco:n9k-c9508-fm-r:-:::::::*
	cpe:2.3:h:cisco:n9k-x96136yc-r:-:::::::*
	cpe:2.3:h:cisco:n9k-x9636c-r:-:::::::*
	cpe:2.3:h:cisco:n9k-x9636c-rx:-:::::::*
	cpe:2.3:h:cisco:n9k-x9636q-r:-:::::::*
	cpe:2.3:h:cisco:nexus_36180yc-r:-:::::::*
	cpe:2.3:h:cisco:nexus_3636c-r:-:::::::*
	cpe:2.3:h:cisco:x96136yc-r:-:::::::*
	cpe:2.3:h:cisco:x9636c-r:-:::::::*
	cpe:2.3:h:cisco:x9636c-rx:-:::::::*
	cpe:2.3:h:cisco:x9636q-r:-:::::::*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:nexus_5010:-:::::::*
	cpe:2.3:h:cisco:nexus_5020:-:::::::*
	cpe:2.3:h:cisco:nexus_5548p:-:::::::*
	cpe:2.3:h:cisco:nexus_5548up:-:::::::*
	cpe:2.3:h:cisco:nexus_5596t:-:::::::*
	cpe:2.3:h:cisco:nexus_5596up:-:::::::*
	cpe:2.3:h:cisco:nexus_56128p:-:::::::*
	cpe:2.3:h:cisco:nexus_5624q:-:::::::*
	cpe:2.3:h:cisco:nexus_5648q:-:::::::*
	cpe:2.3:h:cisco:nexus_5672up:-:::::::*
	cpe:2.3:h:cisco:nexus_5672up-16g:-:::::::*
	cpe:2.3:h:cisco:nexus_5696q:-:::::::*
	cpe:2.3:h:cisco:nexus_6001:-:::::::*
	cpe:2.3:h:cisco:nexus_6004:-:::::::*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:7000_10-slot:-:::::::*
	cpe:2.3:h:cisco:7000_18-slot:-:::::::*
	cpe:2.3:h:cisco:7000_4-slot:-:::::::*
	cpe:2.3:h:cisco:7000_9-slot:-:::::::*
	cpe:2.3:h:cisco:7700_10-slot:-:::::::*
	cpe:2.3:h:cisco:7700_18-slot:-:::::::*
	cpe:2.3:h:cisco:7700_2-slot:-:::::::*
	cpe:2.3:h:cisco:7700_6-slot:-:::::::*
	cpe:2.3:h:cisco:n77-f312ck-26:-:::::::*
	cpe:2.3:h:cisco:n77-f324fq-25:-:::::::*
	cpe:2.3:h:cisco:n77-f348xp-23:-:::::::*
	cpe:2.3:h:cisco:n77-f430cq-36:-:::::::*
	cpe:2.3:h:cisco:n77-m312cq-26l:-:::::::*
	cpe:2.3:h:cisco:n77-m324fq-25l:-:::::::*
	cpe:2.3:h:cisco:n77-m348xp-23l:-:::::::*
	cpe:2.3:h:cisco:n7k-f248xp-25e:-:::::::*
	cpe:2.3:h:cisco:n7k-f306ck-25:-:::::::*
	cpe:2.3:h:cisco:n7k-f312fq-25:-:::::::*
	cpe:2.3:h:cisco:n7k-m202cf-22l:-:::::::*
	cpe:2.3:h:cisco:n7k-m206fq-23l:-:::::::*
	cpe:2.3:h:cisco:n7k-m224xp-23l:-:::::::*
	cpe:2.3:h:cisco:n7k-m324fq-25l:-:::::::*
	cpe:2.3:h:cisco:n7k-m348xp-25l:-:::::::*
	cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:::::::*
	cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:::::::*
	cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:::::::*
	cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:::::::*
	cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:::::::*

Configuration 5 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:n9k-c92160yc-x:-:::::::*
	cpe:2.3:h:cisco:n9k-c9236c:-:::::::*
	cpe:2.3:h:cisco:n9k-c9272q:-:::::::*
	cpe:2.3:h:cisco:n9k-c93180lc-ex:-:::::::*
	cpe:2.3:h:cisco:n9k-c93180yc-ex:-:::::::*
	cpe:2.3:h:cisco:n9k-c93180yc-fx:-:::::::*
	cpe:2.3:h:cisco:n9k-x9732c-ex:-:::::::*
	cpe:2.3:h:cisco:n9k-x9736c-fx:-:::::::*
	cpe:2.3:h:cisco:nexus_3048:-:::::::*

Configuration 6 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:nexus_3524-x\/xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3548-x\/xl:-:::::::*

Configuration 7 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:ucs-6296up:-:::::::*
	cpe:2.3:h:cisco:ucs_6248up:-:::::::*
	cpe:2.3:h:cisco:ucs_6324:-:::::::*
	cpe:2.3:h:cisco:ucs_6332:-:::::::*
	cpe:2.3:h:cisco:ucs_6332-16up:-:::::::*

History

21 Nov 2024, 04:37

Type	Values Removed	Values Added
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos - Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos - Vendor Advisory
CVSS	v2 : ~~7.8~~ v3 : ~~7.5~~	v2 : 7.8 v3 : 8.6

Information

Published : 2019-08-28 19:15

Updated : 2024-11-21 04:37

NVD link : CVE-2019-1962

Mitre link : CVE-2019-1962

CVE.ORG link : CVE-2019-1962

JSON object : View

Products Affected

cisco

nexus_5596t
n9k-c93180lc-ex
7700_18-slot
nexus_3048
mds_9718
nexus_5672up
n7k-m202cf-22l
n77-f430cq-36
mds_9148t
x96136yc-r
ucs_6332
mds_9706
nexus_5624q
mds_9222i
ucs-6296up
nexus_36180yc-r
n9k-c92160yc-x
mds_9148s
nx-os
7700_10-slot
n77-m324fq-25l
n7k-m224xp-23l
n9k-x9732c-ex
nexus_5648q
nexus_3524-x\/xl
nexus_5596up
7700_2-slot
7000_10-slot
n77-f312ck-26
nexus_6004
ucs_6248up
n9k-c9272q
n9k-x9636q-r
n77-m348xp-23l
nexus_7000_supervisor_2e
x9636q-r
nexus_56128p
n9k-x9636c-r
nexus_5672up-16g
n9k-x96136yc-r
nexus_7000_supervisor_1
n7k-f306ck-25
x9636c-r
n77-m312cq-26l
mds_9513
n7k-f312fq-25
mds_9710
ucs_6332-16up
x9636c-rx
7000_4-slot
mds_9506
nexus_7000_supervisor_2
n9k-c9508-fm-r
mds_9216a
n9k-x9636c-rx
nexus_7700_supervisor_2e
n7k-m206fq-23l
nexus_5696q
nexus_3548-x\/xl
n9k-c9236c
mds_9250i
mds_9396s
n77-f324fq-25
n7k-m324fq-25l
mds_9132t
n77-f348xp-23
nexus_5020
n7k-f248xp-25e
n9k-c93180yc-ex
nexus_3636c-r
mds_9216
nexus_5548up
7000_9-slot
nexus_5010
ucs_6324
n7k-m348xp-25l
mds_9396t
n9k-x9736c-fx
n9k-c9504-fm-r
mds_9509
mds_9216i
nexus_6001
7000_18-slot
nexus_5548p
nexus_7700_supervisor_3e
7700_6-slot
n9k-c93180yc-fx

CWE

CWE-20

Improper Input Validation

8.6 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2019-1962

8.6^/10

7.8^/10

Attach tags to `CVE-2019-1962`