PT-2019-3264 · Cisco · Cisco Nx-Os+1

Published: 2019-08-28 · Updated: 2020-10-16 · CVE-2019-1965

CVSS v3.1: 7.7 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco NX-OS Software (affected versions not specified)

Description

The issue is related to the Virtual Shell (VSH) session management in Cisco NX-OS Software, which can lead to an uncontrolled consumption of resources. An authenticated, remote attacker could exploit this by repeatedly establishing and terminating a remote management connection in an unexpected manner, causing VSH processes to fail to delete upon termination. This can result in a build-up of VSH processes that over time can deplete system memory, leading to unexpected system behaviors and crashes. The attacker must have valid user credentials to log in to the device using the remote management connection.

Recommendations

For Cisco NX-OS Software, update to a version that includes the fix for this issue, as software updates have been released by Cisco to address this vulnerability. At the moment, there is no information about specific versions that contain a fix for this vulnerability.

Fix

DoS

Resource Exhaustion

Missing Release of Resource after Effective Lifetime


Weakness Enumeration

Related Identifiers

BDU:2019-03286
CVE-2019-1965

Affected Products

Cisco Nx-Os
Cisco Nexus