CVE-2019-1595
published 2019-03-06CVE-2019-1595: A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to…
medium6.5CVSS 3.0
AVAACLPRNUINSUCNINAH
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an incorrect allocation of an internal interface index. An adjacent attacker with the ability to submit a crafted FCoE packet that crosses affected interfaces could trigger this vulnerability. A successful exploit could allow the attacker to cause a packet loop and high throughput on the affected interfaces, resulting in a DoS condition. This vulnerability has been fixed in version 7.3(5)N1(1).
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_nx-os_software | — | — |
| cisco | nexus_5600_and_6000_series_switches_fibre_channel_over_ethernet | — | — |
| cisco | nx-os | < 7.3\(5\)n1\(1\) | 7.3\(5\)n1\(1\) |