Vulnerabilities > CVE-2019-1977 - State Issues vulnerability in Cisco Nx-Os
Summary
A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Manipulating User State An attacker modifies state information maintained by the target software in user-accessible locations. If successful, the target software will use this tainted state information and execute in an unintended manner. State management is an important function within an application. User state maintained by the application can include usernames, payment information, browsing history as well as application-specific contents such as items in a shopping cart. Manipulating user state can be employed by an attacker to elevate privilege, conduct fraudulent transactions or otherwise modify the flow of the application to derive certain benefits.
Nessus
NASL family | CISCO |
NASL id | CISCO-SA-20190828-NEXUS-ACI-DOS.NASL |
description | According to its self-reported version, Cisco NX-OS System Software in Application Centric Infrastructure (ACI) mode is affected by a vulnerability within the Endpoint Learning feature of Cisco 9000 Series Switches due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when |
last seen | 2020-03-26 |
modified | 2020-01-14 |
plugin id | 132855 |
published | 2020-01-14 |
reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/132855 |
title | Cisco Nexus 9000 Series Fabric Switches ACI Mode Border Leaf Endpoint Learning (cisco-sa-20190828-nexus-aci-dos) |
code |
|