PT-2019-1562 · Cisco · Cisco NX-OS +4

Published: 2019-03-06 · Updated: 2019-10-09 · CVE-2019-1616

CVSS v3.1: 8.6 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco NX-OS Software versions prior to 6.2(25)
Cisco NX-OS Software versions prior to 8.1(1b)
Cisco NX-OS Software versions prior to 8.2(3)
Cisco NX-OS Software versions prior to 8.3(1)
Cisco NX-OS Software versions prior to 7.0(3)I4(9)
Cisco NX-OS Software versions prior to 7.0(3)I7(4)
Cisco NX-OS Software versions prior to 6.0(2)A8(10)
Cisco NX-OS Software versions prior to 7.0(3)F3(5)
UCS 6200, 6300, and 6400 Fabric Interconnects versions prior to 3.2(3j)
UCS 6200, 6300, and 6400 Fabric Interconnects versions prior to 4.0(2a)

Description

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device.

Recommendations

For Cisco NX-OS Software versions prior to 6.2(25), update to version 6.2(25) or later.
For Cisco NX-OS Software versions prior to 8.1(1b), update to version 8.1(1b) or later.
For Cisco NX-OS Software versions prior to 8.2(3), update to version 8.2(3) or later.
For Cisco NX-OS Software versions prior to 8.3(1), update to version 8.3(1) or later.
For Cisco NX-OS Software versions prior to 7.0(3)I4(9), update to version 7.0(3)I4(9) or later.
For Cisco NX-OS Software versions prior to 7.0(3)I7(4), update to version 7.0(3)I7(4) or later.
For Cisco NX-OS Software versions prior to 6.0(2)A8(10), update to version 6.0(2)A8(10) or later.
For Cisco NX-OS Software versions prior to 7.0(3)F3(5), update to version 7.0(3)F3(5) or later.
For UCS 6200, 6300, and 6400 Fabric Interconnects versions prior to 3.2(3j), update to version 3.2(3j) or later.
For UCS 6200, 6300, and 6400 Fabric Interconnects versions prior to 4.0(2a), update to version 4.0(2a) or later.

Fix

DoS

RCE

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2019-01093
CVE-2019-1616

Affected Products

Cisco NX-OS
Cisco Nexus
UCS 6200
UCS 6300
UCS 6400