

Rewterz Threat Advisory – CVE-2019-1901 – Cisco Nexus 9000 Series Buffer Overflow Vulnerability
September 27, 2019
Rewterz Threat Alert – Divergent: Fileless Malware Using NodeJS
September 27, 2019
Rewterz Threat Advisory – CVE-2019-1901 – Cisco Nexus 9000 Series Buffer Overflow Vulnerability
September 27, 2019
Rewterz Threat Alert – Divergent: Fileless Malware Using NodeJS
September 27, 2019Severity
Medium
Analysis Summary
The vulnerability is due to incomplete input and validation checking mechanisms for certain SPF messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. A successful exploit could allow the attacker to bypass the header filters that are configured for the affected device, which could allow malicious content to pass through the device.
Impact
Security bypass
Affected Vendors
Cisco
Affected Products
Cisco AsyncOS Software prior than 4.0MR1
Remediation
Please see vendor’s advisory for more details.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-esm-inject