CVE-2019-1969
Last modified
CVE-2019-1969 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. EPSS estimates a 1.36% chance of exploitation in the next 30 days.
Description
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Nx-Os | 7.0\(3\)i7\(3\) |
| Cisco | Nx-Os | 9.2\(2\) |
| Cisco | Nx-Os | 7.0\(3\)f |
| Cisco | Nx-Os | 9.2 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-1969?
How severe is CVE-2019-1969?
How do I fix CVE-2019-1969?
Are you affected by CVE-2019-1969?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST