November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – CVE-2019-1901 – Cisco Nexus 9000 Series Buffer Overflow Vulnerability
September 27, 2019Rewterz Threat Alert – Divergent: Fileless Malware Using NodeJS
September 27, 2019Rewterz Threat Advisory – CVE-2019-1901 – Cisco Nexus 9000 Series Buffer Overflow Vulnerability
September 27, 2019Rewterz Threat Alert – Divergent: Fileless Malware Using NodeJS
September 27, 2019
Severity
Medium
Analysis Summary
The vulnerability is due to incomplete input and validation checking mechanisms for certain SPF messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. A successful exploit could allow the attacker to bypass the header filters that are configured for the affected device, which could allow malicious content to pass through the device.
Impact
Security bypass
Affected Vendors
Cisco
Affected Products
Cisco AsyncOS Software prior than 4.0MR1
Remediation
Please see vendor’s advisory for more details.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-esm-inject