CVE-2019-1616

CWE-20Improper Input ValidationCWE-119Buffer Overflow7 documents5 sources
Severity
7.5HIGH
EPSS
0.8%
top 25.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Cisco MDS 9000 Series Multilayer SwitchesCisco Nexus 3000 Series SwitchesCisco Nexus 3500 Platform Switches+5 more
Timeline
PublishedMar 11
Latest updateMay 13

Description

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in proc

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages8 packages

CVEListV5cisco/nexus_9000_series_switches_in_standalone_nx-os_modeunspecified7.0(3)I4(9)+1
CVEListV5cisco/nexus_9500_r-series_line_cards_and_fabric_modulesunspecified7.0(3)F3(5)
CVEListV5cisco/nexus_7000_and_7700_series_switchesunspecified6.2(22)+1
CVEListV5cisco/nexus_3000_series_switchesunspecified7.0(3)I4(9)+1
CVEListV5cisco/nexus_3500_platform_switchesunspecified6.0(2)A8(10)+1

🔴Vulnerability Details

2
GHSA
GHSA-qfp2-rcgq-9rpw: A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overf2022-05-13
CVEList
Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability2019-03-11

📋Vendor Advisories

1
Cisco
Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability2019-03-06

💬Community

2
Bugzilla
CVE-2019-13310 ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c2019-07-16
Bugzilla
CVE-2019-13309 ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages2019-07-16
CVE-2019-1616 (HIGH CVSS 7.5) | A vulnerability in the Cisco Fabric | cvebase.io