CVE-2019-1962

Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software (affected versions not specified)

Description The issue is related to errors in processing TCP packets by the Cisco Fabric Services component of Cisco NX-OS Software. This could allow a remote attacker to cause process crashes, resulting in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this by sending a malicious Cisco Fabric Services TCP packet to an affected device, potentially causing process crashes and a device reload. This vulnerability affects only the distribution method CFSoIP, which is disabled by default.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.