CVE-2019-1594— Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-1594
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication Protocol over LAN (EAPOL) frames. An attacker could exploit this vulnerability by sending a crafted EAPOL frame to an interface on the targeted device. A successful exploit could allow the attacker to cause the Layer 2 (L2) forwarding process to restart multiple times, leading to a system-level restart of the device and a DoS condition. Note: This vulnerability affects only NX-OS devices configured with 802.1X functionality. Cisco Nexus 1000V Switch for VMware vSphere devices are affected in versions prior to 5.2(1)SV3(1.4b). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.3(5)N1(1) and 7.1(5)N1(1b). Nexus 7000 and 7700 Series Switches are affected in versions prior to 8.2(3). Nexus 9000 Series Fabric Switches in ACI Mode are affected in versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(4).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
权限、特权和访问控制
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco NX-OS Software 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Nexus 3000 Series Switches等都是美国思科(Cisco)公司的产品。Cisco Nexus 3000 Series Switches是一款3000系列交换机。Cisco Nexus 3500 Platform Switches是一款3500系列平台交换机。Cisco Nexus 9000 Series Switches是一款9000系列交换机。Cisco NX-OS Software是一套交换机使用的数据中心级操作系统软件。 Cisco NX-OS Software中的
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Nexus 1000V Switch for VMware vSphere | unspecified ~ 5.2(1)SV3(1.4b) | - | |
| Cisco | Nexus 3000 Series Switches | unspecified ~ 7.0(3)I7(4) | - | |
| Cisco | Nexus 3500 Platform Switches | unspecified ~ 7.0(3)I7(4) | - | |
| Cisco | Nexus 2000, 5500, 5600, and 6000 Series Switches | unspecified ~ 7.3(5)N1(1) | - | |
| Cisco | Nexus 7000 and 7700 Series Switches | unspecified ~ 8.2(3) | - | |
| Cisco | Nexus 9000 Series Fabric Switches in ACI Mode | unspecified ~ 13.2(1l) | - | |
| Cisco | Nexus 9000 Series Switches in Standalone NX-OS Mode | unspecified ~ 7.0(3)I7(4) | - |
II. Public POCs for CVE-2019-1594
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-1594
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-lan-authvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2019-1594
Same Patch Batch · Cisco · 2019-03-06 · 6 CVEs total
| CVE-2019-1588 | Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Arbitrary | |
| CVE-2019-1591 | Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Esca | |
| CVE-2019-1593 | Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vuln | |
| CVE-2019-1595 | Cisco Nexus 5600 and 6000 Series Switches Fibre Channel over Ethernet Denial of Service Vu | |
| CVE-2019-1585 | Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege |
IV. Related Vulnerabilities
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
V. Comments for CVE-2019-1594
No comments yet