Lucene search

[email protected]NVD:CVE-2019-1616

HistoryMar 11, 2019 - 9:29 p.m.

CVE-2019-1616

2019-03-1121:29:00

CWE-20

CWE-119

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.2%

JSON

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(25), 8.1(1b), 8.3(1). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5) Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). UCS 6200, 6300, and 6400 Fabric Interconnects are affected running software versions prior to 3.2(3j) and 4.0(2a).

Affected configurations

NVD

Node

cisconx-osRange8.2–8.3\(1\)

AND

ciscomds_9000Match-

Node

cisconx-osRange7.0\(3\)–7.0\(3\)i7\(4\)

AND

cisconexus_3500Match-

Node

cisconx-osRange7.0\(3\)i5–7.0\(3\)i7\(4\)

AND

cisconexus_3000Match-

Node

cisconx-osRange7.0\(3\)f3–7.0\(3\)f3\(3c\)

AND

cisconexus_3600Match-

Node

cisconx-osRange7.2–8.2\(3\)

AND

cisconexus_7000Match-

cisconexus_7700Match-

Node

cisconx-osRange7.0\(3\)i5–7.0\(3\)i7\(4\)

AND

cisconexus_9000Match-

Node

cisconx-osRange7.0\(3\)f1–7.0\(3\)f3\(3c\)

AND

cisconexus_9500Match-

Node

cisconx-osRange7.3–8.1\(1b\)

AND

ciscomds_9000Match-

Node

cisconx-osRange5.2–6.2\(25\)

AND

ciscomds_9000Match-

Node

cisconx-osRange7.0\(3\)i4–7.0\(3\)i4\(9\)

AND

cisconexus_3000Match-

Node

cisconx-osRange6.2–6.2\(22\)

AND

cisconexus_7000Match-

cisconexus_7700Match-

Node

cisconx-osRange<6.2\(22\)

AND

cisconexus_7000Match-

cisconexus_7700Match-

Node

cisconx-osRange<7.0\(3\)i4\(9\)

AND

cisconexus_9000Match-

Node

cisconx-osRange6.0\(2\)a8–6.0\(2\)a8\(10\)

AND

cisconexus_3500Match-

Node

cisconx-osRange≤6.0\(2\)a8

AND

cisconexus_3500Match-

Node

cisconx-osRange≤7.0\(3\)i4

AND

cisconexus_3000Match-

Node

cisconx-osRange4.0–4.0\(2a\)

AND

ciscoucs_6200Match-

ciscoucs_6300Match-

ciscoucs_6400Match-

Node

cisconx-osRange<3.2\(3j\)

AND

ciscoucs_6200Match-

ciscoucs_6300Match-

ciscoucs_6400Match-

References

www.securityfocus.com/bid/107395

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.2%

JSON

Related for NVD:CVE-2019-1616

nessus2 cvelist1 cve1 prion1 cisco1