How severe is CVE-2019-1595?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2019-1595?

This is classified as CWE-913, which is a common weakness in software security.

CVE-2019-1595 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an incorrect allocation of an internal interface index. An adjacent attacker with the ability to submit a crafted FCoE packet that crosses affected interfaces could trigger this vulnerability. A successful exploit could allow the attacker to cause a packet loop and high throughput on the affected interfaces, resulting in a DoS condition. This vulnerability has been fixed in version 7.3(5)N1(1).

Related Vulnerabilities

CVE-2019-15006

MEDIUM

CVSS:6.5(Medium)

There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in Confluence Server and Confluence Data Center. This plugin was used to facilitate communication with the ...

CWE-9132019

CVE-2020-25802

HIGH

CVSS:7.2(High)

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: C...

CWE-9132020

CVE-2020-25803

HIGH

CVSS:7.2(High)

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. Th...

CWE-9132020

CVE-2021-23258

HIGH

CVSS:7.2(High)

Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to...

CWE-9132021

CVE-2021-23259

HIGH

CVSS:7.2(High)

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, whi...

CWE-9132021

CVE-2021-23262

HIGH

CVSS:7.2(High)

Authenticated administrators may modify the main YAML configuration file and load a Java class resulting in RCE.

CWE-9132021