First published: Wed Mar 06 2019(Updated: )
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco NX-OS Software | =8.1<8.1(1b)=7.3<8.1(1b)=6.2<6.2(25)=5.2<6.2(25) | 8.1(1b) 8.1(1b) 6.2(25) 6.2(25) |
Cisco NX-OS Software | ||
Cisco NX-OS Software | =6.0(2)A8<6.0(2)A8(10)=Prior to 6.0(2)A8<6.0(2)A8(10) | 6.0(2)A8(10) 6.0(2)A8(10) |
Cisco NX-OS Software | =7.0(3)F3<7.0(3)F3(3c)1 | 7.0(3)F3(3c)1 |
Cisco NX-OS Software | >=7.2<=7.3<Umbrella SMU for CSCvj10178 and CSCvj638071=6.2<6.2(22) | Umbrella SMU for CSCvj10178 and CSCvj638071 6.2(22) |
Cisco NX-OS Software | =7.0(3)F3<7.0(3)F3(3c)1=7.0(3)F2<7.0(3)F3(3c)1=7.0(3)F1<7.0(3)F3(3c)1 | 7.0(3)F3(3c)1 7.0(3)F3(3c)1 7.0(3)F3(3c)1 |
Cisco NX-OS Software | =4.0<4.0(2a)=3.2<3.2(3j)=3.1<3.2(3j)=Prior to 3.1<3.2(3j) | 4.0(2a) 3.2(3j) 3.2(3j) 3.2(3j) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is cisco-sa-20190306-nxos-fabric-dos.
The severity rating of cisco-sa-20190306-nxos-fabric-dos is 8.6.
cisco-sa-20190306-nxos-fabric-dos affects Cisco NX-OS Software by allowing an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition.
The versions affected by cisco-sa-20190306-nxos-fabric-dos are 8.1(1b), 6.2(25), 6.0(2)A8(10), 7.0(3)F3(3c)1, Umbrella SMU for CSCvj10178 and CSCvj638071, and 4.0(2a), among others.
Yes, Cisco has provided fixes for cisco-sa-20190306-nxos-fabric-dos. Please refer to the Cisco Security Advisory for more information.