CVE-2019-1595
Last modified
CVE-2019-1595 is a vulnerability of currently unknown severity. A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an incorrect allocation of an internal interface index. EPSS estimates a 0.64% chance of exploitation in the next 30 days.
Description
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an incorrect allocation of an internal interface index. An adjacent attacker with the ability to submit a crafted FCoE packet that crosses affected interfaces could trigger this vulnerability. A successful exploit could allow the attacker to cause a packet loop and high throughput on the affected interfaces, resulting in a DoS condition. This vulnerability has been fixed in version 7.3(5)N1(1).
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Nx-Os | < 7.3\(5\)n1\(1\) |
References
- http://www.securityfocus.com/bid/107320Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/107320Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-1595?
How severe is CVE-2019-1595?
How do I fix CVE-2019-1595?
Are you affected by CVE-2019-1595?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST