CVE-2019-1901
Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release.
Una vulnerabilidad en el subsistema de protocolo de descubrimiento de capa de enlace (LLDP) del software de cambio de modo de infraestructura centrada en aplicaciones (ACI) de Cisco Nexus serie 9000 podría permitir que un atacante adyacente no autenticado cause una condición de denegación de servicio (DoS) o ejecute código arbitrario con privilegios de root . La vulnerabilidad se debe a una validación de entrada incorrecta de ciertos campos de tipo, longitud, valor (TLV) del encabezado de trama LLDP. Un atacante podría aprovechar esta vulnerabilidad enviando un paquete LLDP diseñado al dispositivo de destino. Una explotación con éxito puede conducir a una condición de desbordamiento del búfer que podría causar una condición DoS o permitir al atacante ejecutar código arbitrario con privilegios de root. Nota: Esta vulnerabilidad no puede ser explotada por el tráfico de tránsito a través del dispositivo; el paquete especialmente diseñado debe estar dirigido a una interfaz conectada directamente. Esta vulnerabilidad afecta a los conmutadores Fabric Cisco Nexus serie 9000 en modo ACI si están ejecutando una versión del software del conmutador de modo Cisco Nexus serie 9000 ACI anterior a 13.2 (7f) o cualquier versión 14.x.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-07-31 CVE Published
- 2023-03-07 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo | 2023-03-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-ex Search vendor "Cisco" for product "Nexus 93108tc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-fx Search vendor "Cisco" for product "Nexus 93108tc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180lc-ex Search vendor "Cisco" for product "Nexus 93180lc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-ex Search vendor "Cisco" for product "Nexus 93180yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-fx Search vendor "Cisco" for product "Nexus 93180yc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336c-fx2 Search vendor "Cisco" for product "Nexus 9336c-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336pq Search vendor "Cisco" for product "Nexus 9336pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9348gc-fxp Search vendor "Cisco" for product "Nexus 9348gc-fxp" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9364c Search vendor "Cisco" for product "Nexus 9364c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px-e Search vendor "Cisco" for product "Nexus 9372px-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx-e Search vendor "Cisco" for product "Nexus 9372tx-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9504 Search vendor "Cisco" for product "Nexus 9504" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 13.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version " < 13.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9516 Search vendor "Cisco" for product "Nexus 9516" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-ex Search vendor "Cisco" for product "Nexus 93108tc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-fx Search vendor "Cisco" for product "Nexus 93108tc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180lc-ex Search vendor "Cisco" for product "Nexus 93180lc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-ex Search vendor "Cisco" for product "Nexus 93180yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-fx Search vendor "Cisco" for product "Nexus 93180yc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336c-fx2 Search vendor "Cisco" for product "Nexus 9336c-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336pq Search vendor "Cisco" for product "Nexus 9336pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9348gc-fxp Search vendor "Cisco" for product "Nexus 9348gc-fxp" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9364c Search vendor "Cisco" for product "Nexus 9364c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px-e Search vendor "Cisco" for product "Nexus 9372px-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx-e Search vendor "Cisco" for product "Nexus 9372tx-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9504 Search vendor "Cisco" for product "Nexus 9504" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9516 Search vendor "Cisco" for product "Nexus 9516" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93240yc-fx2 Search vendor "Cisco" for product "Nexus 93240yc-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 14.0\(1h\) <= 14.1\(2g\) Search vendor "Cisco" for product "Nx-os" and version " >= 14.0\(1h\) <= 14.1\(2g\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332c Search vendor "Cisco" for product "Nexus 9332c" | - | - |
Safe
|