How severe is CVE-2019-1617?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2019-1617?

This is classified as CWE-913, which is a common weakness in software security.

CVE-2019-1617 - HIGH Severity | CVSS 7.4

Vulnerability Description

A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to an incorrect processing of FCoE packets when the fcoe-npv feature is uninstalled. An attacker could exploit this vulnerability by sending a stream of FCoE frames from an adjacent host to an affected device. An exploit could allow the attacker to cause packet amplification to occur, resulting in the saturation of interfaces and a DoS condition. Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I7(5) and 9.2(2).

Related Vulnerabilities

CVE-2012-2055

HIGH

CVSS:7.5(High)

GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the public_key[user_id] value via a modi...

CWE-9132012

CVE-2020-25802

HIGH

CVSS:7.2(High)

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: C...

CWE-9132020

CVE-2020-25803

HIGH

CVSS:7.2(High)

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. Th...

CWE-9132020

CVE-2021-23258

HIGH

CVSS:7.2(High)

Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to...

CWE-9132021

CVE-2021-23259

HIGH

CVSS:7.2(High)

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, whi...

CWE-9132021

CVE-2021-23262

HIGH

CVSS:7.2(High)

Authenticated administrators may modify the main YAML configuration file and load a Java class resulting in RCE.

CWE-9132021