All the vulnerabilites related to cisco - ucs_6400
cve-2019-1599
Vulnerability from cvelistv5
Published
2019-03-07 20:00
Modified
2024-11-19 19:15
Severity ?
EPSS score ?
Summary
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device in a sustained way. A successful exploit could cause the network stack of an affected device to run out of available buffers, impairing operations of control plane and management plane protocols, resulting in a DoS condition. Note: This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device. Nexus 1000V Switch for Microsoft Hyper-V is affected in versions prior to 5.2(1)SM3(2.1). Nexus 1000V Switch for VMware vSphere is affected in versions prior to 5.2(1)SV3(4.1a). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(6) and 9.2(2). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(11), 7.0(3)I7(6), and 9.2(2). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5) and 9.2(2). Nexus 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(5)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22. Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5) and 9.2(2). UCS 6200 and 6300 Series Fabric Interconnect are affected in versions prior to 3.2(3j) and 4.0(2a). UCS 6400 Series Fabric Interconnect are affected in versions prior to 4.0(2a).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/107342 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Nexus 1000V Switch for Microsoft Hyper-V |
Version: unspecified < 5.2(1)SM3(2.1) |
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190306 Cisco NX-OS Software Netstack Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack"
},
{
"name": "107342",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107342"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:25:19.239562Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:15:41.039Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nexus 1000V Switch for Microsoft Hyper-V",
"vendor": "Cisco",
"versions": [
{
"lessThan": "5.2(1)SM3(2.1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 1000V Switch for VMware vSphere",
"vendor": "Cisco",
"versions": [
{
"lessThan": "5.2(1)SV3(4.1a)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3000 Series Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I7(6)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "9.2(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3500 Platform Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.0(2)A8(11)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.0(3)I7(6)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "9.2(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3600 Platform Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)F3(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "9.2(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 5500, 5600, and 6000 Series Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.1(5)N1(1b)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.3(5)N1(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 7000 and 7700 Series Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.2(22)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.3(3)D1(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.2(3)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.3(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I7(6)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "9.2(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)F3(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "9.2(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "UCS 6200 and 6300 Series Fabric Interconnect",
"vendor": "Cisco",
"versions": [
{
"lessThan": "3.2(3j)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "4.0(2a)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "UCS 6400 Series Fabric Interconnect",
"vendor": "Cisco",
"versions": [
{
"lessThan": "4.0(2a)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device in a sustained way. A successful exploit could cause the network stack of an affected device to run out of available buffers, impairing operations of control plane and management plane protocols, resulting in a DoS condition. Note: This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device. Nexus 1000V Switch for Microsoft Hyper-V is affected in versions prior to 5.2(1)SM3(2.1). Nexus 1000V Switch for VMware vSphere is affected in versions prior to 5.2(1)SV3(4.1a). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(6) and 9.2(2). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(11), 7.0(3)I7(6), and 9.2(2). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5) and 9.2(2). Nexus 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(5)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22. Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5) and 9.2(2). UCS 6200 and 6300 Series Fabric Interconnect are affected in versions prior to 3.2(3j) and 4.0(2a). UCS 6400 Series Fabric Interconnect are affected in versions prior to 4.0(2a)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-11T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190306 Cisco NX-OS Software Netstack Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack"
},
{
"name": "107342",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107342"
}
],
"source": {
"advisory": "cisco-sa-20190306-nxos-netstack",
"defect": [
[
"CSCvk55013",
"CSCvm53108",
"CSCvm53112",
"CSCvm53113",
"CSCvm53114",
"CSCvm53115",
"CSCvm53116",
"CSCvm53125",
"CSCvm53128"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Netstack Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID": "CVE-2019-1599",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Netstack Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Nexus 1000V Switch for Microsoft Hyper-V",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "5.2(1)SM3(2.1)"
}
]
}
},
{
"product_name": "Nexus 1000V Switch for VMware vSphere",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "5.2(1)SV3(4.1a)"
}
]
}
},
{
"product_name": "Nexus 3000 Series Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(6)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.2(2)"
}
]
}
},
{
"product_name": "Nexus 3500 Platform Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.0(2)A8(11)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(6)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.2(2)"
}
]
}
},
{
"product_name": "Nexus 3600 Platform Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)F3(5)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.2(2)"
}
]
}
},
{
"product_name": "Nexus 5500, 5600, and 6000 Series Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.1(5)N1(1b)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.3(5)N1(1)"
}
]
}
},
{
"product_name": "Nexus 7000 and 7700 Series Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.2(22)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.3(3)D1(1)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.2(3)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(2)"
}
]
}
},
{
"product_name": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(6)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.2(2)"
}
]
}
},
{
"product_name": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)F3(5)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.2(2)"
}
]
}
},
{
"product_name": "UCS 6200 and 6300 Series Fabric Interconnect",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.2(3j)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "4.0(2a)"
}
]
}
},
{
"product_name": "UCS 6400 Series Fabric Interconnect",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "4.0(2a)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device in a sustained way. A successful exploit could cause the network stack of an affected device to run out of available buffers, impairing operations of control plane and management plane protocols, resulting in a DoS condition. Note: This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device. Nexus 1000V Switch for Microsoft Hyper-V is affected in versions prior to 5.2(1)SM3(2.1). Nexus 1000V Switch for VMware vSphere is affected in versions prior to 5.2(1)SV3(4.1a). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(6) and 9.2(2). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(11), 7.0(3)I7(6), and 9.2(2). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5) and 9.2(2). Nexus 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(5)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22. Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5) and 9.2(2). UCS 6200 and 6300 Series Fabric Interconnect are affected in versions prior to 3.2(3j) and 4.0(2a). UCS 6400 Series Fabric Interconnect are affected in versions prior to 4.0(2a)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190306 Cisco NX-OS Software Netstack Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack"
},
{
"name": "107342",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107342"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-nxos-netstack",
"defect": [
[
"CSCvk55013",
"CSCvm53108",
"CSCvm53112",
"CSCvm53113",
"CSCvm53114",
"CSCvm53115",
"CSCvm53116",
"CSCvm53125",
"CSCvm53128"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1599",
"datePublished": "2019-03-07T20:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:15:41.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34714
Vulnerability from cvelistv5
Published
2021-09-23 02:25
Modified
2024-11-07 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:40:36.961651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:59:09.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:25:58",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
}
],
"source": {
"advisory": "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ",
"defect": [
[
"CSCvw22670",
"CSCvw26126",
"CSCvw26127",
"CSCvw26129",
"CSCvw26130",
"CSCvw26152",
"CSCvw46194",
"CSCvw46239"
]
],
"discovery": "INTERNAL"
},
"title": "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-34714",
"STATE": "PUBLIC",
"TITLE": "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
}
]
},
"source": {
"advisory": "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ",
"defect": [
[
"CSCvw22670",
"CSCvw26126",
"CSCvw26127",
"CSCvw26129",
"CSCvw26130",
"CSCvw26152",
"CSCvw46194",
"CSCvw46239"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34714",
"datePublished": "2021-09-23T02:25:58.322621Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:59:09.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1616
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2024-11-19 19:15
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(25), 8.1(1b), 8.3(1). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5) Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). UCS 6200, 6300, and 6400 Fabric Interconnects are affected running software versions prior to 3.2(3j) and 4.0(2a).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/107395 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | MDS 9000 Series Multilayer Switches |
Version: unspecified < 6.2(25) Version: unspecified < 8.1(1b) Version: unspecified < 8.3(1) |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107395"
},
{
"name": "20190306 Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1616",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:25:17.931759Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:15:32.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MDS 9000 Series Multilayer Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.2(25)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.1(1b)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3000 Series Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I4(9)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.0(3)I7(4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3500 Platform Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.0(2)A8(10)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.0(3)I7(4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3600 Platform Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)F3(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 7000 and 7700 Series Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.2(22)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.2(3)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I4(9)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.0(3)I7(4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)F3(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "UCS 6200, 6300, and 6400 Fabric Interconnects",
"vendor": "Cisco",
"versions": [
{
"lessThan": "3.2(3j)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "4.0(2a)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(25), 8.1(1b), 8.3(1). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5) Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). UCS 6200, 6300, and 6400 Fabric Interconnects are affected running software versions prior to 3.2(3j) and 4.0(2a)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-14T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "107395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107395"
},
{
"name": "20190306 Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos"
}
],
"source": {
"advisory": "cisco-sa-20190306-nxos-fabric-dos",
"defect": [
[
"CSCvh99066",
"CSCvj10176",
"CSCvj10178",
"CSCvj10181",
"CSCvj10183"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID": "CVE-2019-1616",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MDS 9000 Series Multilayer Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.2(25)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.1(1b)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
},
{
"product_name": "Nexus 3000 Series Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I4(9)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(4)"
}
]
}
},
{
"product_name": "Nexus 3500 Platform Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.0(2)A8(10)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(4)"
}
]
}
},
{
"product_name": "Nexus 3600 Platform Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)F3(5)"
}
]
}
},
{
"product_name": "Nexus 7000 and 7700 Series Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.2(22)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.2(3)"
}
]
}
},
{
"product_name": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I4(9)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(4)"
}
]
}
},
{
"product_name": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)F3(5)"
}
]
}
},
{
"product_name": "UCS 6200, 6300, and 6400 Fabric Interconnects",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.2(3j)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "4.0(2a)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(25), 8.1(1b), 8.3(1). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5) Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). UCS 6200, 6300, and 6400 Fabric Interconnects are affected running software versions prior to 3.2(3j) and 4.0(2a)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107395"
},
{
"name": "20190306 Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-nxos-fabric-dos",
"defect": [
[
"CSCvh99066",
"CSCvj10176",
"CSCvj10178",
"CSCvj10181",
"CSCvj10183"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1616",
"datePublished": "2019-03-11T22:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:15:32.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1690
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/107317 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Version: unspecified < 4.2(0.21c) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:41.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107317"
},
{
"name": "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1690",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:59.996279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:42:40.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "4.2(0.21c)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-12T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "107317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107317"
},
{
"name": "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
}
],
"source": {
"advisory": "cisco-sa-20190306-apic-ipv6",
"defect": [
[
"CSCvn09855"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID": "CVE-2019-1690",
"STATE": "PUBLIC",
"TITLE": "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Application Policy Infrastructure Controller (APIC)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "4.2(0.21c)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.3",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107317"
},
{
"name": "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-apic-ipv6",
"defect": [
[
"CSCvn09855"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1690",
"datePublished": "2019-03-11T22:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:42:40.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-03-11 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "980B41C7-4122-4D8B-9AAB-2D7BBBC5A7B3",
"versionEndExcluding": "4.2\\(0.21c\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n del software de Cisco Application Policy Infrastructure Controller (APIC) podr\u00eda permitir a un atacante adyacente sin autenticar obtener acceso no autorizado a un dispositivo afectado. La vulnerabilidad se debe a una falta de mecanismos de control de acceso adecuados para la conectividad IPv6 (link-local) que se impone en la interfaz de gesti\u00f3n de un dispositivo afectado. Un atacante en la misma red f\u00edsica podr\u00eda explotar esta vulnerabilidad intentando conectarse a la direcci\u00f3n IPv6 (link local) en el dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante omitir las restricciones de control de acceso en un dispositivo afectado. Los dispositivos de Cisco Application Policy Controller (APIC) en versiones anteriores a 4.2(0.21c) se ven afectados."
}
],
"id": "CVE-2019-1690",
"lastModified": "2024-11-21T04:37:06.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-11T21:29:01.090",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107317"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-07 20:29
Modified
2024-11-21 04:36
Severity ?
Summary
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device in a sustained way. A successful exploit could cause the network stack of an affected device to run out of available buffers, impairing operations of control plane and management plane protocols, resulting in a DoS condition. Note: This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device. Nexus 1000V Switch for Microsoft Hyper-V is affected in versions prior to 5.2(1)SM3(2.1). Nexus 1000V Switch for VMware vSphere is affected in versions prior to 5.2(1)SV3(4.1a). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(6) and 9.2(2). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(11), 7.0(3)I7(6), and 9.2(2). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5) and 9.2(2). Nexus 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(5)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22. Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5) and 9.2(2). UCS 6200 and 6300 Series Fabric Interconnect are affected in versions prior to 3.2(3j) and 4.0(2a). UCS 6400 Series Fabric Interconnect are affected in versions prior to 4.0(2a).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107342 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107342 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nexus_3500 | - | |
| cisco | nexus_3600 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3500 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3600 | - | |
| cisco | nx-os | * | |
| cisco | nexus_5500 | - | |
| cisco | nexus_5600 | - | |
| cisco | nexus_6000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_9000 | - | |
| cisco | nexus_9500 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3500 | - | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_9500 | - | |
| cisco | nx-os | * | |
| cisco | nexus_1000v | - | |
| cisco | nx-os | * | |
| cisco | nexus_1000v | - | |
| cisco | nx-os | * | |
| cisco | ucs_6200 | - | |
| cisco | ucs_6300 | - | |
| cisco | nx-os | * | |
| cisco | ucs_6400 | - | |
| cisco | nx-os | * | |
| cisco | ucs_6200 | - | |
| cisco | ucs_6300 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_5500 | - | |
| cisco | nexus_5600 | - | |
| cisco | nexus_6000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_9000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_9000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF64D0B-754A-415E-AE5C-059E3DB14489",
"versionEndExcluding": "7.0\\(3\\)i7\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB4F7321-424B-4A60-8A8C-A19D4B8BD500",
"versionEndExcluding": "7.3\\(5\\)n1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC8699E-81C0-4374-B827-71B3916B910D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAE6700-E2D9-486F-9113-CEAA6B47DE1F",
"versionEndExcluding": "8.3\\(2\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C322689-0DC6-412F-B82F-F64F0B5D68DA",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2FC20E-4AA1-493C-925C-6AB76C99CF80",
"versionEndExcluding": "5.2\\(1\\)sm3\\(2.1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:microsoft_hyper-v:*:*",
"matchCriteriaId": "B7063CEF-58CC-449E-BFDA-39371BA088AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59B48D7E-BD70-4971-B508-1DAD4841C5CE",
"versionEndExcluding": "5.2\\(1\\)sv3\\(4.1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81A332B7-8234-442D-B6FA-EFE5D604E436",
"versionEndExcluding": "4.0\\(2a\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81A332B7-8234-442D-B6FA-EFE5D604E436",
"versionEndExcluding": "4.0\\(2a\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01C8F238-9A6A-4DFA-AE7B-8E69CD2E4F59",
"versionEndExcluding": "3.2\\(3j\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "934E7941-C773-4032-944B-4AC57FB11D23",
"versionEndExcluding": "7.1\\(5\\)n1\\(1b\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC8699E-81C0-4374-B827-71B3916B910D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C322689-0DC6-412F-B82F-F64F0B5D68DA",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device in a sustained way. A successful exploit could cause the network stack of an affected device to run out of available buffers, impairing operations of control plane and management plane protocols, resulting in a DoS condition. Note: This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device. Nexus 1000V Switch for Microsoft Hyper-V is affected in versions prior to 5.2(1)SM3(2.1). Nexus 1000V Switch for VMware vSphere is affected in versions prior to 5.2(1)SV3(4.1a). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(6) and 9.2(2). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(11), 7.0(3)I7(6), and 9.2(2). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5) and 9.2(2). Nexus 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(5)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22. Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5) and 9.2(2). UCS 6200 and 6300 Series Fabric Interconnect are affected in versions prior to 3.2(3j) and 4.0(2a). UCS 6400 Series Fabric Interconnect are affected in versions prior to 4.0(2a)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la pila de red del software NX-OS de Cisco podr\u00eda permitir a un atacante remoto sin autenticar provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un fallo a la hora de asignar y librar b\u00faferes de memoria en la pila de red. Un atacante podr\u00eda explotar esta vulnerabilidad enviando flujos TCP manipulados a un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda provocar que la red de pila de un dispositivo afectado agote los b\u00faferes disponibles, afectando a las operaciones de los protocolos control plane y management, conduciendo a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Nota: esta vulnerabilidad puede desencadenarse solo por tr\u00e1fico destinado a un dispositivo afectado y no puede explotarse mediante el uso de tr\u00e1fico que transite por un dispositivo afectado. El switch de Nexus 1000V para Microsoft Hyper-V se ve afectado en versiones anteriores a la 5.2(1)SM3(2.1). El switch de Nexus 1000V para VMware vSphere se ve afectado en versiones anteriores a la 5.2(1)SV3(4.1a). Los switches de Nexus 3000 Series se ven afectados en versiones anteriores a las 7.0(3)I7(6) y 9.2(2). Los switches de Nexus 3500 Platform, se ven afectados en versiones anteriores a las 6.0(2)A8(11), 7.0(3)I7(6) y 9.2(2). Los switches de Nexus 3600 Platform se ven afectados en versiones anteriores a la 7.0(3)F3(5) y 9.2(2). Los switches de Nexus, en sus series 5500, 5600 y 6000, se ven afectados en versiones anteriores a las 7.1(5)N1(1b) y 7.3(5)N1(1). Los switches de Nexus, en sus series 7000 y 7700, se ven afectados en versiones anteriores a la 6.2(22). Los switches de 9500 R-Series Line Cards y Fabric Modules se ven afectados en versiones anteriores a las 7.0(3)F3(5) y 9.2(2). UCS 6200 y 6300 Series Fabric Interconnect, se ven afectados en versiones anteriores a las 3.2(3j) y 4.0(2a). UCS 6400 Series Fabric Interconnect, se ve afectado en versiones anteriores a la 4.0(2a)."
}
],
"id": "CVE-2019-1599",
"lastModified": "2024-11-21T04:36:53.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-07T20:29:00.297",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107342"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A21987E-AE24-4C2C-894A-FFF7CC0CA73B",
"versionEndExcluding": "2.2.2.148",
"versionStartIncluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3779F159-04B8-40D7-98D0-B1B68AE02C31",
"versionEndExcluding": "2.3.1.216",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F839DB11-1E63-4727-8AB0-ED0B5D6BC38A",
"versionEndExcluding": "2.4.1.273",
"versionStartIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "440AAA0A-FEF8-4E40-95EC-59F37A63091D",
"versionEndExcluding": "2.6.1.224",
"versionStartIncluding": "2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08C690B6-DE7E-417F-883A-3A3AE51F0710",
"versionEndExcluding": "2.7.1.143",
"versionStartIncluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88F98150-EB80-41BB-9B80-520124E3FD9A",
"versionEndExcluding": "2.8.1.143",
"versionStartIncluding": "2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E8B9E7-1023-4A0C-BC8C-C45F956B20BA",
"versionEndExcluding": "2.9.1.135",
"versionStartIncluding": "2.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18048A84-BA0F-48EF-AFFB-635FF7F70C66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317DF3DD-C7CD-4CA2-804F-A738E048BEB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C13CF29B-9308-452B-B7E0-9E818B5A6C1E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB527C2-855E-4BB9-BCA7-94BE86100D44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E82C1B05-990D-49D2-B80A-C3EDD4082840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "421D91C3-8AB3-45E1-9E55-13ED1A4A623E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D741945-8B0A-408D-A5FE-D5B38DC6D46A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9308CA67-E949-4338-A890-22B3C4428D70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C6CC11-470A-47A4-AAF5-D5580FB78562",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4A2B35-5106-4F43-835A-7F97D2324373",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F7F452-9294-4445-A344-1A76B277C45D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA604D8-76C0-40B9-8675-02BEEA18E432",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82542890-87E9-4C92-9B20-7CC668B4E5E1",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D8583BD-4586-4AB0-9C7A-BC14385AACE8",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "657840E3-B3E9-4218-A89D-F27D8DC269C6",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B36972DF-1BEB-48EB-9C79-725AA493F87C",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08D3FFC7-2C86-4162-B1E8-C9FF39F4465B",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F762E87A-BF80-4D33-ADDA-84369E068005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E6B85A-3988-4EC5-B788-9664772CE64E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36145717-6348-466D-87B4-B1A19F17BA55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBDCF9-562C-44BA-B709-F91346F6F99F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276BD181-125C-48EC-984C-29BAE20C21F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596B885-5312-489B-BBDB-A5374E525DE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42EC10DA-FE01-4BA3-B49F-B164F697D4BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1655CC-9BD5-4BD5-B113-776E4335D556",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA6F9ED-50A1-4D61-BC83-438585646856",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04E18F69-07F4-4BEA-9867-B79351687D32",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC79F46-3416-4D95-A839-BA707A9E22E2",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4673FD6-3C58-41BA-AA7F-C26FE42ECBD4",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4328C1A9-F5B4-4D6B-8B2D-03BFC5310EDC",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC5D36F-834A-44EA-BCC8-A71BBA202A4F",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E8456-A9BD-447B-8F33-4BEB052A82D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BC5903-1316-4FFF-BE52-2F6D63549590",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4755F890-634B-4B25-AF08-C34F13429FA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24A634C9-C1DA-4D2D-BA5F-1EFC05756E5A",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCA44694-9D36-4E97-83F7-A1FEAC6717AB",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6F83F0-AF30-453D-BB96-FE56A04C4971",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0EFE3A3-2469-445E-A325-BC3F1D72FCA6",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74A7DECE-B92C-471A-8A74-F1D5B5254A9B",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC8699E-81C0-4374-B827-71B3916B910D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76CF6300-0292-4E53-B28D-865C2303BA51",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B79C2F-DAE9-4AD4-AFDA-DADD43E650AD",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "980DD4C4-A6C0-4D2D-BD09-21B62C4ADC71",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62C92804-B959-43E1-9133-C16E58921D9A",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248_up_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96AB2BB-4F4A-44C3-918F-DDB31B0D1FFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296_up_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82775AC1-173D-4335-B13A-6CF73C9C11D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104AB7AA-2AB6-40AB-9BCA-2041396060B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAF3163-4FF6-4BB0-8870-80D3F3F2953B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB5291D-D248-4125-9129-BC655F082AD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17BAF9DA-E605-42D2-8DF9-A7211ADBEA74",
"versionEndIncluding": "4.1\\(1a\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81771B6E-4D9D-470B-8072-50E9F1F654CD",
"versionEndIncluding": "4.1\\(1a\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D87151-01B0-4069-861C-BBB57C493EB3",
"versionEndIncluding": "4.1\\(1a\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7561ED7-D773-4A88-B145-EEC3F7A6269B",
"versionEndIncluding": "4.1\\(1a\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Unidirectional Link Detection (UDLD) de Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, y Cisco NX-OS Software podr\u00eda permitir a un atacante adyacente no autenticado causar la recarga de un dispositivo afectado. Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de entrada de los paquetes UDLD. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes UDLD espec\u00edficamente dise\u00f1ados a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar la recarga del dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Nota: La funcionalidad UDLD est\u00e1 deshabilitada por defecto, y las condiciones para explotar esta vulnerabilidad son estrictas. Un atacante debe tener el control total de un dispositivo conectado directamente. En los dispositivos Cisco IOS XR, el impacto se limita a la recarga del proceso UDLD"
}
],
"id": "CVE-2021-34714",
"lastModified": "2024-11-21T06:11:01.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:18.153",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-11 21:29
Modified
2024-11-21 04:36
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(25), 8.1(1b), 8.3(1). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5) Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). UCS 6200, 6300, and 6400 Fabric Interconnects are affected running software versions prior to 3.2(3j) and 4.0(2a).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107395 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107395 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | * | |
| cisco | mds_9000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3500 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3600 | - | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_9000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_9500 | - | |
| cisco | nx-os | * | |
| cisco | mds_9000 | - | |
| cisco | nx-os | * | |
| cisco | mds_9000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_9000 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3500 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3500 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nx-os | * | |
| cisco | ucs_6200 | - | |
| cisco | ucs_6300 | - | |
| cisco | ucs_6400 | - | |
| cisco | nx-os | * | |
| cisco | ucs_6200 | - | |
| cisco | ucs_6300 | - | |
| cisco | ucs_6400 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4863FC5-6578-48DE-838D-E5D2EEFF27B1",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F24A8F48-7C57-40DD-AF84-3CB2940611DF",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A80D2-51B2-42C4-8FAA-F00A42388F90",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B76CC56F-08AB-46EB-B9DB-E1EE77201855",
"versionEndExcluding": "7.0\\(3\\)f3\\(3c\\)",
"versionStartIncluding": "7.0\\(3\\)f3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A90CA0AC-1B11-4875-B67F-BE443682C89D",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A80D2-51B2-42C4-8FAA-F00A42388F90",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D65811-E82B-4FE9-A23B-7538FD2D4AF1",
"versionEndExcluding": "7.0\\(3\\)f3\\(3c\\)",
"versionStartIncluding": "7.0\\(3\\)f1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86770ECC-BC1D-42BC-A65B-FCE598491BEE",
"versionEndExcluding": "8.1\\(1b\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E30AB8D6-3F3F-43A3-B7E9-ABD5D3052FA8",
"versionEndExcluding": "6.2\\(22\\)",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC3E03D-81F8-4EF4-96A1-D6F0B2767055",
"versionEndExcluding": "6.0\\(2\\)a8\\(10\\)",
"versionStartIncluding": "6.0\\(2\\)a8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "013763DA-8E91-452D-8E00-A15F10D0D0FA",
"versionEndIncluding": "6.0\\(2\\)a8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7863D91-BA8E-4FB4-9294-8E0B92F42825",
"versionEndIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81A332B7-8234-442D-B6FA-EFE5D604E436",
"versionEndExcluding": "4.0\\(2a\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01C8F238-9A6A-4DFA-AE7B-8E69CD2E4F59",
"versionEndExcluding": "3.2\\(3j\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(25), 8.1(1b), 8.3(1). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5) Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). UCS 6200, 6300, and 6400 Fabric Interconnects are affected running software versions prior to 3.2(3j) and 4.0(2a)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el componente Cisco Fabric Services del software NX-OS de Cisco podr\u00eda permitir a un atacante remoto no autenticado provocar un desbordamiento de b\u00fafer, conduciendo a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de paquetes de Cisco Fabric Services. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete Cisco Fabric Services manipulado a un dispositivo afectado. Un exploit con \u00e9xito podr\u00eda permitir al atacante provocar un desbordamiento de b\u00fafer, conduciendo a cierres de procesos y una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Los switches de MDS 9000 Series Multilayer se ven afectados en versiones anteriores a 6.25(25), 8.1(1b) y 8.3(1). Los switches de Nexus 3000 Series se ven afectados en versiones de software anteriores a las 7.0(3)I4(9) y 7.0(3)I7(4). Los switches de Nexus 3500 Platform Series se ven afectados en versiones de software anteriores a las 6.0(2)A8(10) y 7.0(3)I7(4). Los switches de Nexus 3600, se ven afectados en versiones anteriores a las 7.0(3)F3(5) y los switches de Nexus de la series 7000 y 7700 se ven afectados en versiones anteriores a las 6.2(22) y 8.2(3). Los switches de Nexus 9000 en modo Standalone NX-OS se ven afectados en versiones de software anteriores a las 7.0(3)I4(9) y 7.0(3)I7(4). Los switches de 9500 R-Series Line Cards y Fabric Modules se ven afectados en versiones anteriores a la 7.0(3)F3(5). UCS 6200, 6300 y 6400 Series Fabric Interconnect se ven afectados en versiones anteriores a las 3.2(3j) y 4.0(2a)."
}
],
"id": "CVE-2019-1616",
"lastModified": "2024-11-21T04:36:56.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-11T21:29:00.967",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107395"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}