First published: Thu Mar 07 2019(Updated: )
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device in a sustained way. A successful exploit could cause the network stack of an affected device to run out of available buffers, impairing operations of control plane and management plane protocols, resulting in a DoS condition. Note: This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device. Nexus 1000V Switch for Microsoft Hyper-V is affected in versions prior to 5.2(1)SM3(2.1). Nexus 1000V Switch for VMware vSphere is affected in versions prior to 5.2(1)SV3(4.1a). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(6) and 9.2(2). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(11), 7.0(3)I7(6), and 9.2(2). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5) and 9.2(2). Nexus 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(5)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22. Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5) and 9.2(2). UCS 6200 and 6300 Series Fabric Interconnect are affected in versions prior to 3.2(3j) and 4.0(2a). UCS 6400 Series Fabric Interconnect are affected in versions prior to 4.0(2a).
Credit: ykramarz@cisco.com ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Nx-os | >=9.2<9.2\(2\) | |
Cisco Nexus 3000 | ||
Cisco Nexus 3500 | ||
Cisco Nexus 3600 | ||
Cisco Nx-os | >=7.0\(3\)<7.0\(3\)i7\(5\) | |
Cisco Nx-os | >=7.0\(3\)<7.0\(3\)f3\(5\) | |
Cisco Nx-os | >=7.2<7.3\(5\)n1\(1\) | |
Cisco Nexus 5500 | ||
Cisco Nexus 5600 | ||
Cisco Nexus 6000 | ||
Cisco Nx-os | >=8.3<8.3\(2\) | |
Cisco Nexus 7000 | ||
Cisco Nexus 7700 | ||
Cisco Nexus 9000 | ||
Cisco Nexus 9500 | ||
Cisco Nx-os | <6.0\(2\)a8\(11\) | |
Cisco Nx-os | <6.2\(22\) | |
Cisco Nx-os | >=7.0\(3\)i5<7.0\(3\)i7\(6\) | |
Cisco Nx-os | <5.2\(1\)sm3\(2.1\) | |
Cisco Nexus 1000v | ||
Cisco Nx-os | <5.2\(1\)sv3\(4.1a\) | |
Cisco Nexus 1000v | ||
Cisco Nx-os | >=4.0<4.0\(2a\) | |
Cisco UCS 6200 | ||
Cisco Ucs 6300 | ||
Cisco Ucs 6400 | ||
Cisco Nx-os | <3.2\(3j\) | |
Cisco Nx-os | <7.0\(3\)i4\(9\) | |
Cisco Nx-os | <7.1\(5\)n1\(1b\) | |
Cisco Nx-os | >=8.0<8.2\(3\) | |
Cisco Nx-os | >=7.2<7.3\(3\)d1\(1\) | |
All of | ||
Cisco Nx-os | >=9.2<9.2\(2\) | |
Any of | ||
Cisco Nexus 3000 | ||
Cisco Nexus 3500 | ||
Cisco Nexus 3600 | ||
All of | ||
Cisco Nx-os | >=7.0\(3\)<7.0\(3\)i7\(5\) | |
Cisco Nexus 3500 | ||
All of | ||
Cisco Nx-os | >=7.0\(3\)<7.0\(3\)f3\(5\) | |
Cisco Nexus 3600 | ||
All of | ||
Cisco Nx-os | >=7.2<7.3\(5\)n1\(1\) | |
Any of | ||
Cisco Nexus 5500 | ||
Cisco Nexus 5600 | ||
Cisco Nexus 6000 | ||
All of | ||
Cisco Nx-os | >=8.3<8.3\(2\) | |
Any of | ||
Cisco Nexus 7000 | ||
Cisco Nexus 7700 | ||
All of | ||
Cisco Nx-os | >=9.2<9.2\(2\) | |
Any of | ||
Cisco Nexus 9000 | ||
Cisco Nexus 9500 | ||
All of | ||
Cisco Nx-os | <6.0\(2\)a8\(11\) | |
Cisco Nexus 3500 | ||
All of | ||
Cisco Nx-os | <6.2\(22\) | |
Any of | ||
Cisco Nexus 7000 | ||
Cisco Nexus 7700 | ||
All of | ||
Cisco Nx-os | >=7.0\(3\)i5<7.0\(3\)i7\(6\) | |
Cisco Nexus 3000 | ||
All of | ||
Cisco Nx-os | >=7.0\(3\)<7.0\(3\)f3\(5\) | |
Cisco Nexus 9500 | ||
All of | ||
Cisco Nx-os | <5.2\(1\)sm3\(2.1\) | |
Cisco Nexus 1000v | ||
All of | ||
Cisco Nx-os | <5.2\(1\)sv3\(4.1a\) | |
Cisco Nexus 1000v | ||
All of | ||
Cisco Nx-os | >=4.0<4.0\(2a\) | |
Any of | ||
Cisco UCS 6200 | ||
Cisco Ucs 6300 | ||
All of | ||
Cisco Nx-os | >=4.0<4.0\(2a\) | |
Cisco Ucs 6400 | ||
All of | ||
Cisco Nx-os | <3.2\(3j\) | |
Any of | ||
Cisco UCS 6200 | ||
Cisco Ucs 6300 | ||
All of | ||
Cisco Nx-os | <7.0\(3\)i4\(9\) | |
Cisco Nexus 3000 | ||
All of | ||
Cisco Nx-os | <7.1\(5\)n1\(1b\) | |
Any of | ||
Cisco Nexus 5500 | ||
Cisco Nexus 5600 | ||
Cisco Nexus 6000 | ||
All of | ||
Cisco Nx-os | >=8.0<8.2\(3\) | |
Any of | ||
Cisco Nexus 7000 | ||
Cisco Nexus 7700 | ||
All of | ||
Cisco Nx-os | >=7.2<7.3\(3\)d1\(1\) | |
Any of | ||
Cisco Nexus 7000 | ||
Cisco Nexus 7700 | ||
All of | ||
Cisco Nx-os | >=7.0\(3\)i5<7.0\(3\)i7\(6\) | |
Cisco Nexus 9000 | ||
All of | ||
Cisco Nx-os | <7.0\(3\)i4\(9\) | |
Cisco Nexus 9000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-1599 is a vulnerability in the network stack of Cisco NX-OS Software that could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on the affected device.
CVE-2019-1599 has a severity value of 8.6, which is considered high.
CVE-2019-1599 affects Cisco NX-OS Software by causing a denial of service (DoS) condition on the affected device.
To fix CVE-2019-1599, apply the necessary updates or patches provided by Cisco.
You can find more information about CVE-2019-1599 on the SecurityFocus and Cisco Security Advisory websites.