CVE-2019-1977

A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:cisco:nx-os:12.3\(1h\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:nx-os:13.1\(2m\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:nx-os:13.1\(2o\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:nx-os:13.1\(2p\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:37

Type Values Removed Values Added
CVSS v2 : 4.3
v3 : 7.5
v2 : 4.3
v3 : 6.8
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dosĀ - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dosĀ - Vendor Advisory

Information

Published : 2019-08-30 09:15

Updated : 2024-11-21 04:37


NVD link : CVE-2019-1977

Mitre link : CVE-2019-1977

CVE.ORG link : CVE-2019-1977


JSON object : View

Products Affected

cisco

  • nexus_9000
  • nexus_9348gc-fxp
  • nexus_93180yc-fx
  • nexus_9396tx
  • nexus_9516
  • nexus_9336pq
  • nexus_9364c
  • nx-os
  • nexus_93108tc-fx
  • nexus_93180lc-ex
  • nexus_9372px-e
  • nexus_93180yc-ex
  • nexus_9508
  • nexus_9372px
  • nexus_9396px
  • nexus_93128tx
  • nexus_93120tx
  • nexus_93108tc-ex
  • nexus_9372tx
  • nexus_9504
  • nexus_9332pq
  • nexus_9372tx-e
  • nexus_9336c-fx2
CWE
CWE-371

State Issues