#VU20496 Input validation error in Cisco Systems, Inc Operating systems & Components


Published: 2019-09-02 | Updated: 2019-09-06

Vulnerability identifier: #VU20496

Vulnerability risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1977

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Nexus 9332PQ Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9508 Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9372TX-E Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 93108TC-EX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9504 Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 93120TX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 93108TC-FX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9396TX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9396PX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9516 Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9000 Series Switches in ACI Mode
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9372PX-E Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9348GC-FXP Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 93180YC-EX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 93128TX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 93180YC-FX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9364C Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9372PX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 93180LC-EX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9336PQ ACI Spine Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9372TX Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco Nexus 9336C-FX2 Switch
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco NX-OS
Operating systems & Components / Operating system

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when "Disable Remote Endpoint Learning" has been enabled. A remote attacker can cause a denial of service (DoS) condition on an endpoint device in certain circumstances.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco Nexus 9332PQ Switch: All versions

Cisco Nexus 9508 Switch: All versions

Cisco Nexus 9372TX-E Switch: All versions

Cisco Nexus 93108TC-EX Switch: All versions

Cisco Nexus 9504 Switch: All versions

Cisco Nexus 93120TX Switch: All versions

Cisco Nexus 93108TC-FX Switch: All versions

Cisco Nexus 9396TX Switch: All versions

Cisco Nexus 9396PX Switch: All versions

Cisco Nexus 9516 Switch: All versions

Cisco Nexus 9000 Series Switches in ACI Mode: All versions

Cisco NX-OS: 12.3.1h - 13.1.2p

Cisco Nexus 9372PX-E Switch: All versions

Cisco Nexus 9348GC-FXP Switch: All versions

Cisco Nexus 93180YC-EX Switch: All versions

Cisco Nexus 93128TX Switch: All versions

Cisco Nexus 93180YC-FX Switch: All versions

Cisco Nexus 9364C Switch: All versions

Cisco Nexus 9372PX Switch: All versions

Cisco Nexus 93180LC-EX Switch: All versions

Cisco Nexus 9336PQ ACI Spine Switch: All versions

Cisco Nexus 9372TX Switch: All versions

Cisco Nexus 9336C-FX2 Switch: All versions

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Cisco NX-OS Software