CVE-2019-1977

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2019-1977
A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism.

6.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploitability : 2.2 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:cisco:nx-os:12.3\(1h\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:nx-os:13.1\(2m\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:nx-os:13.1\(2o\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:nx-os:13.1\(2p\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*
History

21 Nov 2024, 04:37

Type Values Removed Values Added
CVSS v2 : 4.3
v3 : 7.5 		v2 : 4.3
v3 : 6.8
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dosĀ - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dosĀ - Vendor Advisory
Information

Published : 2019-08-30 09:15

Updated : 2024-11-21 04:37

NVD link : CVE-2019-1977

Mitre link : CVE-2019-1977

CVE.ORG link : CVE-2019-1977

JSON object : View

Products Affected

cisco

  • nexus_93120tx
  • nexus_9364c
  • nexus_9396tx
  • nexus_9336c-fx2
  • nexus_9504
  • nexus_93180yc-ex
  • nexus_9516
  • nexus_93180yc-fx
  • nexus_9332pq
  • nexus_93180lc-ex
  • nexus_9372px-e
  • nexus_9336pq
  • nexus_9372px
  • nexus_9372tx-e
  • nexus_9348gc-fxp
  • nx-os
  • nexus_93108tc-ex
  • nexus_9372tx
  • nexus_9000
  • nexus_9396px
  • nexus_93108tc-fx
  • nexus_93128tx
  • nexus_9508
CWE
CWE-371

State Issues