Cisco Event Response Page
Cisco Event Response: August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication
-
The August 28, 2019, release of the Cisco FXOS and NX-OS Software Security Advisory Bundled Publication includes five Cisco Security Advisories that describe five vulnerabilities in Cisco FXOS Software, Cisco NX-OS Software, and Cisco UCS Fabric Interconnect Software. Cisco has released software updates that address these vulnerabilities.
The five vulnerabilities have a Security Impact Rating (SIR) of High. Successful exploitation of the vulnerabilities could allow an attacker to gain elevated privileges, execute arbitrary commands, or cause a denial of service (DoS) condition on an affected device.
One of the vulnerabilities affects both Cisco FXOS Software and Cisco NX-OS Software, one of the vulnerabilities affects only Cisco UCS Fabric Interconnect Software, and the remaining three vulnerabilities affect only Cisco NX-OS Software. Cisco has confirmed that none of the vulnerabilities affect Cisco IOS Software or Cisco IOS XE Software.
-
The following table identifies Cisco Security content that is associated with this Cisco FXOS and NX-OS Software Security Advisory Bundled Publication:
Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Affected Cisco Platforms cisco-sa-20190828-fxnxos-snmp-dos
Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service VulnerabilityCVE-2019-1963High7.7Firepower 4100 Series
Firepower 9300 Security Appliances
MDS 9000 Series Multilayer Switches
Nexus 1000 Virtual Edge for VMware vSphere
Nexus 1000V Switch for Microsoft Hyper-V
Nexus 1000V Switch for VMware vSphere
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Switching Platform
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnectscisco-sa-20190828-nxos-fsip-dos
Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service VulnerabilityCVE-2019-1962High8.6MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Switching Platform
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20190828-nxos-ipv6-dos
Cisco NX-OS Software IPv6 Denial of Service VulnerabilityCVE-2019-1964High8.6Nexus 7000 Series Switches
Nexus 7700 Series Switchescisco-sa-20190828-nxos-memleak-dos
Cisco NX-OS Software Remote Management Memory Leak Denial of Service VulnerabilityCVE-2019-1965High7.7MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Switching Platform
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20190828-ucs-privescalation
Cisco Unified Computing System Fabric Interconnect root Privilege Escalation VulnerabilityCVE-2019-1966High7.8UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnects
Related Resources
Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A