Vulnerability in Cisco 9432pq
CVE-2019-1890
A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security va…
EPSS: 0.006 (45.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.
Affected products
- Cisco 9432pq
- Cisco 9536pq
- Cisco 9636pq
- Cisco 9736pq
- Cisco Application_policy_infrastructure_controller — versions 7.3\(0\)zn\(0.113\)
- Cisco Nx-os System Software In Aci Mode 11.0.1b — versions unspecified
- Cisco N9k-x9432c-s
- Cisco N9k-x9464px
- Cisco N9k-x9464tx2
- Cisco N9k-x9564px
Weakness classification (CWE)
References
- psirt@cisco.com (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
Frequently asked questions
- What is CVE-2019-1890?
- CVE-2019-1890 is a medium-severity vulnerability in Cisco 9432pq, classified under Improper Access Control. CVSS score: 6.5/10. Published 2019-07-04.
- How severe is CVE-2019-1890?
- Medium severity. CVSS v3 base score is 6.5 out of 10.