CVE-2019-1977

Name of the Vulnerable Software and Affected Versions Cisco Nexus 9000 Series Switches (affected versions not specified)

Description The issue is related to errors in state management within the Endpoint Learning feature of the Cisco Nexus 9000 Series Switches. This could allow a remote attacker to cause a denial of service condition on an endpoint device under certain circumstances. The problem arises when packets are received on a specific port from outside the ACI fabric and are destined for an endpoint on a border leaf, with Disable Remote Endpoint Learning enabled. This can lead to the creation of a stale Remote (XR) entry for the impacted endpoint if it migrates to a different port or leaf switch, resulting in traffic not reaching the endpoint until the entry is relearned.

Recommendations For Cisco Nexus 9000 Series Switches, consider disabling the Endpoint Learning feature as a temporary workaround until a patch is available. Restrict access to the specific port on the border leaf to minimize the risk of exploitation. Avoid using the Disable Remote Endpoint Learning option in configurations where endpoint migration is expected, until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.