CVE-2019-1616

Published Mar 11, 2019

Last updated 5 years ago

CVSS high 7.5

Overview

Description: A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(25), 8.1(1b), 8.3(1). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5) Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). UCS 6200, 6300, and 6400 Fabric Interconnects are affected running software versions prior to 3.2(3j) and 4.0(2a).
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-119
ykramarz@cisco.com: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4863FC5-6578-48DE-838D-E5D2EEFF27B1",
            "versionEndExcluding": "8.3\\(1\\)",
            "versionStartIncluding": "8.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F24A8F48-7C57-40DD-AF84-3CB2940611DF",
            "versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
            "versionStartIncluding": "7.0\\(3\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C59A80D2-51B2-42C4-8FAA-F00A42388F90",
            "versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
            "versionStartIncluding": "7.0\\(3\\)i5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B76CC56F-08AB-46EB-B9DB-E1EE77201855",
            "versionEndExcluding": "7.0\\(3\\)f3\\(3c\\)",
            "versionStartIncluding": "7.0\\(3\\)f3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A90CA0AC-1B11-4875-B67F-BE443682C89D",
            "versionEndExcluding": "8.2\\(3\\)",
            "versionStartIncluding": "7.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C59A80D2-51B2-42C4-8FAA-F00A42388F90",
            "versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
            "versionStartIncluding": "7.0\\(3\\)i5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1D65811-E82B-4FE9-A23B-7538FD2D4AF1",
            "versionEndExcluding": "7.0\\(3\\)f3\\(3c\\)",
            "versionStartIncluding": "7.0\\(3\\)f1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86770ECC-BC1D-42BC-A65B-FCE598491BEE",
            "versionEndExcluding": "8.1\\(1b\\)",
            "versionStartIncluding": "7.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
            "versionEndExcluding": "6.2\\(25\\)",
            "versionStartIncluding": "5.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
            "versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
            "versionStartIncluding": "7.0\\(3\\)i4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E30AB8D6-3F3F-43A3-B7E9-ABD5D3052FA8",
            "versionEndExcluding": "6.2\\(22\\)",
            "versionStartIncluding": "6.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
            "versionEndExcluding": "6.2\\(22\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
            "versionEndExcluding": "7.0\\(3\\)i4\\(9\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEC3E03D-81F8-4EF4-96A1-D6F0B2767055",
            "versionEndExcluding": "6.0\\(2\\)a8\\(10\\)",
            "versionStartIncluding": "6.0\\(2\\)a8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "013763DA-8E91-452D-8E00-A15F10D0D0FA",
            "versionEndIncluding": "6.0\\(2\\)a8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7863D91-BA8E-4FB4-9294-8E0B92F42825",
            "versionEndIncluding": "7.0\\(3\\)i4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81A332B7-8234-442D-B6FA-EFE5D604E436",
            "versionEndExcluding": "4.0\\(2a\\)",
            "versionStartIncluding": "4.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01C8F238-9A6A-4DFA-AE7B-8E69CD2E4F59",
            "versionEndExcluding": "3.2\\(3j\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References