8.6
CWE
20
Advisory Published
Updated

CVE-2019-1597: Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities

First published: Thu Mar 07 2019(Updated: )

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54 and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). Cisco UCS 6200 and 6300 Fabric Interconnect devices are affected in versions prior to 3.2(2b).

Credit: ykramarz@cisco.com ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco Firepower Extensible Operating System>2.2.2.54<2.3.1.75
Cisco Firepower 4100
Cisco Firepower 9300
Cisco Nx-os<8.2\(1\)
Cisco MDS 9000
Cisco Nx-os<7.0\(3\)i7\(1\)
Cisco Nexus 3000
Cisco Nx-os<7.0\(3\)i7\(2\)
Cisco Nexus 3500
Cisco Nx-os>7.3\(2\)d1\(1\)<8.2\(1\)
Cisco Nexus 7000
Cisco Nexus 7700
Cisco Nexus 9000
Cisco Firepower Extensible Operating System>2.0.1.201<2.2.2.54
Cisco Nx-os>6.2\(20\)<7.3\(2\)d1\(1\)
Cisco Nx-os<6.2\(20\)
Cisco Firepower Extensible Operating System<2.0.1.201
Cisco Nx-os<3.2\(2b\)
Cisco UCS 6200
Cisco Ucs 6300
All of
Cisco Firepower Extensible Operating System>2.2.2.54<2.3.1.75
Any of
Cisco Firepower 4100
Cisco Firepower 9300
All of
Cisco Nx-os<8.2\(1\)
Cisco MDS 9000
All of
Cisco Nx-os<7.0\(3\)i7\(1\)
Cisco Nexus 3000
All of
Cisco Nx-os<7.0\(3\)i7\(2\)
Cisco Nexus 3500
All of
Cisco Nx-os>7.3\(2\)d1\(1\)<8.2\(1\)
Any of
Cisco Nexus 7000
Cisco Nexus 7700
All of
Cisco Nx-os<7.0\(3\)i7\(1\)
Cisco Nexus 9000
All of
Cisco Firepower Extensible Operating System>2.0.1.201<2.2.2.54
Any of
Cisco Firepower 4100
Cisco Firepower 9300
All of
Cisco Nx-os>6.2\(20\)<7.3\(2\)d1\(1\)
Any of
Cisco Nexus 7000
Cisco Nexus 7700
All of
Cisco Nx-os<6.2\(20\)
Any of
Cisco Nexus 7000
Cisco Nexus 7700
All of
Cisco Firepower Extensible Operating System<2.0.1.201
Any of
Cisco Firepower 4100
Cisco Firepower 9300
All of
Cisco Nx-os<3.2\(2b\)
Any of
Cisco UCS 6200
Cisco Ucs 6300

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2019-1597?

    The severity of CVE-2019-1597 is high.

  • What is the affected software for CVE-2019-1597?

    The affected software for CVE-2019-1597 includes Cisco FXOS Software and Cisco NX-OS Software.

  • What is the impact of CVE-2019-1597?

    The impact of CVE-2019-1597 is a denial of service (DoS) condition, which can cause an affected device to reload.

  • How can an unauthenticated, remote attacker exploit CVE-2019-1597?

    An unauthenticated, remote attacker can exploit CVE-2019-1597 by sending specially crafted Lightweight Directory Access Protocol (LDAP) requests to the affected device.

  • Where can I find more information about CVE-2019-1597?

    You can find more information about CVE-2019-1597 on the SecurityFocus and Cisco Security Advisory websites.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203