{"containers": {"cna": {"affected": [{"product": "Cisco Unified Computing System (Managed)", "vendor": "Cisco", "versions": [{"lessThan": "8.4(1)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2019-08-28T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a malicious Cisco Fabric Services TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition. Note: There are three distribution methods that can be configured for Cisco Fabric Services. This vulnerability affects only distribution method CFSoIP, which is disabled by default. See the Details section for more information."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-08-28T18:50:22.000Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20190828 Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos"}], "source": {"advisory": "cisco-sa-20190828-nxos-fsip-dos", "defect": [["CSCva64492", "CSCvj59058", "CSCvk70625", "CSCvk70631", "CSCvk70632", "CSCvk70633"]], "discovery": "INTERNAL"}, "title": "Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-08-28T16:00:00-0700", "ID": "CVE-2019-1962", "STATE": "PUBLIC", "TITLE": "Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Unified Computing System (Managed)", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "8.4(1)"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a malicious Cisco Fabric Services TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition. Note: There are three distribution methods that can be configured for Cisco Fabric Services. This vulnerability affects only distribution method CFSoIP, which is disabled by default. See the Details section for more information."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20190828 Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos"}]}, "source": {"advisory": "cisco-sa-20190828-nxos-fsip-dos", "defect": [["CSCva64492", "CSCvj59058", "CSCvk70625", "CSCvk70631", "CSCvk70632", "CSCvk70633"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:35:51.641Z"}, "title": "CVE Program Container", "references": [{"name": "20190828 Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-19T17:23:21.487524Z", "id": "CVE-2019-1962", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T18:58:31.811Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1962", "datePublished": "2019-08-28T18:50:22.852Z", "dateReserved": "2018-12-06T00:00:00.000Z", "dateUpdated": "2024-11-19T18:58:31.811Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos", "name": "20190828 Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:35:51.641Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-1962", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-19T17:23:21.487524Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T17:23:51.500Z"}}], "cna": {"title": "Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "source": {"defect": [["CSCva64492", "CSCvj59058", "CSCvk70625", "CSCvk70631", "CSCvk70632", "CSCvk70633"]], "advisory": "cisco-sa-20190828-nxos-fsip-dos", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Unified Computing System (Managed)", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "8.4(1)", "versionType": "custom"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "datePublic": "2019-08-28T00:00:00.000Z", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos", "name": "20190828 Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a malicious Cisco Fabric Services TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition. Note: There are three distribution methods that can be configured for Cisco Fabric Services. This vulnerability affects only distribution method CFSoIP, which is disabled by default. See the Details section for more information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2019-08-28T18:50:22.000Z"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}}, "source": {"defect": [["CSCva64492", "CSCvj59058", "CSCvk70625", "CSCvk70631", "CSCvk70632", "CSCvk70633"]], "advisory": "cisco-sa-20190828-nxos-fsip-dos", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"affected": "<", "version_value": "8.4(1)", "version_affected": "<"}]}, "product_name": "Cisco Unified Computing System (Managed)"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos", "name": "20190828 Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a malicious Cisco Fabric Services TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition. Note: There are three distribution methods that can be configured for Cisco Fabric Services. This vulnerability affects only distribution method CFSoIP, which is disabled by default. See the Details section for more information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-1962", "STATE": "PUBLIC", "TITLE": "Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-08-28T16:00:00-0700"}}}}, "cveMetadata": {"cveId": "CVE-2019-1962", "state": "PUBLISHED", "dateUpdated": "2024-11-19T18:58:31.811Z", "dateReserved": "2018-12-06T00:00:00.000Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2019-08-28T18:50:22.852Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "55812D67-23B2-4EE1-8DEF-B1386551D825", "versionEndExcluding": "6.2\\(29\\)", "versionStartIncluding": "5.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CECEF97-692D-4F96-BBEB-2AAAAB006611", "versionEndExcluding": "8.1", "versionStartIncluding": "7.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", "matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", "matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", "matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", "matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", "matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", "matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", "matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", "matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", "matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", "matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", "matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", "matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", "matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", "matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EF18053-7C60-4DFC-AD1A-B6910BC539E2", "versionEndExcluding": "9.2", "versionStartIncluding": "7.0\\(3\\)f", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "934E7941-C773-4032-944B-4AC57FB11D23", "versionEndExcluding": "7.1\\(5\\)n1\\(1b\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF45649B-78F2-41C0-B74C-A917858C10C3", "versionEndExcluding": "7.3\\(5\\)n1\\(1\\)", "versionStartIncluding": "7.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", "matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", "matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", "matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", "matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", "matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", "versionEndExcluding": "6.2\\(22\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE09FCE4-6FBF-44AC-827D-7F7AFA4C780F", "versionEndExcluding": "7.3\\(4\\)d1\\(1\\)", "versionStartIncluding": "7.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", "matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", "matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", "matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", "matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", "matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", "matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691", "versionEndExcluding": "7.0\\(3\\)i4\\(9\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1392CDF-115C-431A-AF9B-8414F9307163", "versionEndExcluding": "7.0\\(3\\)i7\\(6\\)", "versionStartIncluding": "7.0\\(3\\)i7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8397775-5A75-4710-9044-B56E1CEE20A1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "C71319A9-5B95-410A-BDDB-C47639B8E464", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2E84307-41BC-4F85-BC9A-FF02178765F8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "55A31452-5B60-4273-BA38-8FA684DED953", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C3FCA39-927B-4C89-A58B-E6859ED8176A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", "versionEndExcluding": "6.0\\(2\\)a8\\(11\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1392CDF-115C-431A-AF9B-8414F9307163", "versionEndExcluding": "7.0\\(3\\)i7\\(6\\)", "versionStartIncluding": "7.0\\(3\\)i7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "74BDC7CE-BFFD-4B83-8D64-641B877F2929", "versionEndExcluding": "3.2\\(3i\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB13DE24-5726-4485-A6DC-81913CF36180", "versionEndExcluding": "4.0\\(2d\\)", "versionStartIncluding": "4.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ucs-6296up:-:*:*:*:*:*:*:*", "matchCriteriaId": "36DE353C-0E66-4100-9FA6-C26A5FB29CDB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", "matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", "matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", "matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", "matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a malicious Cisco Fabric Services TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition. Note: There are three distribution methods that can be configured for Cisco Fabric Services. This vulnerability affects only distribution method CFSoIP, which is disabled by default. See the Details section for more information."}, {"lang": "es", "value": "Una vulnerabilidad en el componente Cisco Fabric Services del software Cisco NX-OS podr\u00eda permitir que un atacante remoto no identificado cause bloqueos en el proceso, lo que puede provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de los paquetes TCP cuando los procesa la funci\u00f3n Cisco Fabric Services sobre IP (CFSoIP). Un atacante podr\u00eda aprovechar esta vulnerabilidad al enviar un paquete TCP de Cisco Fabric Services malicioso a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante provocar bloqueos en el proceso, lo que provocar\u00eda una recarga del dispositivo y una condici\u00f3n DoS. Nota: Existen tres m\u00e9todos de distribuci\u00f3n que se pueden configurar para los Servicios de Cisco Fabric. Esta vulnerabilidad afecta solo al m\u00e9todo de distribuci\u00f3n CFSoIP, que est\u00e1 deshabilitado de forma predeterminada. Vea la secci\u00f3n Detalles para m\u00e1s informaci\u00f3n."}], "id": "CVE-2019-1962", "lastModified": "2024-11-21T04:37:46.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-28T19:15:10.867", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}