PT-2019-3265 · Cisco · Cisco Nx-Os+2
Published
2019-08-28
·
Updated
2019-10-09
·
CVE-2019-1963
CVSS v3.1
7.7
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco FXOS Software (affected versions not specified)
Cisco NX-OS Software (affected versions not specified)
Description
The issue is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this by sending a crafted SNMP packet to the SNMP daemon on the affected device, potentially causing the SNMP application to restart multiple times and leading to a system-level restart and a denial of service (DoS) condition.
Recommendations
For Cisco FXOS Software, update to a version that includes the fix for this issue.
For Cisco NX-OS Software, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to the SNMP daemon to minimize the risk of exploitation.
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Fxos
Cisco Nx-Os
Cisco Nexus