Sign-up

ID

VAR-201907-0859


CVE

CVE-2019-1901


TITLE

Cisco Nexus 9000 Series Application Centric Infrastructure Mode Switch Software buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-007495

DESCRIPTION

A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release

Trust: 2.25

sources: NVD: CVE-2019-1901 // JVNDB: JVNDB-2019-007495 // CNVD: CNVD-2020-16485 // VULHUB: VHN-151413

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-16485

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:gteversion:14.0\(1h\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:lteversion:14.1\(2g\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:13.2\(7f\)

Trust: 1.0

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:nexus series switch software <13.2scope:eqversion:9000

Trust: 0.6

vendor:ciscomodel:nexus series switch softwarescope:eqversion:900014.*

Trust: 0.6

sources: CNVD: CNVD-2020-16485 // JVNDB: JVNDB-2019-007495 // NVD: CVE-2019-1901

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1901
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1901
value: HIGH

Trust: 1.0

NVD: CVE-2019-1901
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-16485
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201907-1598
value: HIGH

Trust: 0.6

VULHUB: VHN-151413
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1901
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-16485
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-151413
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1901
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1901
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2020-16485 // VULHUB: VHN-151413 // JVNDB: JVNDB-2019-007495 // CNNVD: CNNVD-201907-1598 // NVD: CVE-2019-1901 // NVD: CVE-2019-1901

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-151413 // JVNDB: JVNDB-2019-007495 // NVD: CVE-2019-1901

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201907-1598

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201907-1598

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-007495

PATCH
title:cisco-sa-20190731-nxos-bourl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo
Trust: 0.8
title:Patch for Cisco Nexus 9000 Series Fabric Switches Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/207975
Trust: 0.6
title:Cisco Nexus 9000 Series Fabric Switches Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95719
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-16485 // 
            
            
            
            JVNDB: JVNDB-2019-007495 // 
            
            
            
            CNNVD: CNNVD-201907-1598

EXTERNAL IDS
db:NVDid:CVE-2019-1901
Trust: 3.1
db:JVNDBid:JVNDB-2019-007495
Trust: 0.8
db:CNNVDid:CNNVD-201907-1598
Trust: 0.7
db:CNVDid:CNVD-2020-16485
Trust: 0.6
db:AUSCERTid:ESB-2019.3164
Trust: 0.6
db:AUSCERTid:ESB-2019.3164.2
Trust: 0.6
db:VULHUBid:VHN-151413
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-16485 // 
            
            
            
            VULHUB: VHN-151413 // 
            
            
            
            JVNDB: JVNDB-2019-007495 // 
            
            
            
            CNNVD: CNNVD-201907-1598 // 
            
            
            
            NVD: CVE-2019-1901

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190731-nxos-bo
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2019-1901
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1901
Trust: 0.8
url:https://vigilance.fr/vulnerability/cisco-nexus-9000-buffer-overflow-via-lldp-29923
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.3164/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.3164.2/
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-16485 // 
            
            
            
            VULHUB: VHN-151413 // 
            
            
            
            JVNDB: JVNDB-2019-007495 // 
            
            
            
            CNNVD: CNNVD-201907-1598 // 
            
            
            
            NVD: CVE-2019-1901

CREDITS
Frank Block of ERNW Research GmbH  to Cisco and working toward a coordinated disclosure.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201907-1598

SOURCES
db:CNVDid:CNVD-2020-16485
db:VULHUBid:VHN-151413
db:JVNDBid:JVNDB-2019-007495
db:CNNVDid:CNNVD-201907-1598
db:NVDid:CVE-2019-1901

LAST UPDATE DATE
2024-11-23T23:04:44.885000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-16485date:2020-03-10T00:00:00
db:VULHUBid:VHN-151413date:2023-03-03T00:00:00
db:JVNDBid:JVNDB-2019-007495date:2019-08-14T00:00:00
db:CNNVDid:CNNVD-201907-1598date:2019-10-08T00:00:00
db:NVDid:CVE-2019-1901date:2024-11-21T04:37:39.023

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-16485date:2020-03-10T00:00:00
db:VULHUBid:VHN-151413date:2019-07-31T00:00:00
db:JVNDBid:JVNDB-2019-007495date:2019-08-14T00:00:00
db:CNNVDid:CNNVD-201907-1598date:2019-07-31T00:00:00
db:NVDid:CVE-2019-1901date:2019-07-31T18:15:11.050