René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00


{
"id": "CVE-2019-1749",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2019-03-28T00:29:00.717",
"lastModified": "2019-10-09T23:47:57.470",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ingress traffic validation of Cisco IOS XE Software for Cisco Aggregation Services Router (ASR) 900 Route Switch Processor 3 (RSP3) could allow an unauthenticated, adjacent attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the software insufficiently validates ingress traffic on the ASIC used on the RSP3 platform. An attacker could exploit this vulnerability by sending a malformed OSPF version 2 (OSPFv2) message to an affected device. A successful exploit could allow the attacker to cause a reload of the iosd process, triggering a reload of the affected device and resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la validaci\u00f3n del tr\u00e1fico entrante del software Cisco IOS XE para Cisco Aggregation Services Router (ASR) 900 Route Switch Processor 3 (RSP3) podr\u00eda permitir que un atacante adyacente no autenticado desencadene la recarga de un dispositivo afectado, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad existe debido a que el software no valida lo suficiente el tr\u00e1fico entrante en el ASIC empleado en la plataforma RSP3. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un mensaje OSPF versi\u00f3n 2 (OSPFv2) mal formado a un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque la recarga del proceso iosd, desencadenando la recarga del dispositivo afectado y resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73E7874-A063-4AE5-9F0A-53D590B7B99B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.6as:*:*:*:*:*:*:*",
"matchCriteriaId": "F84E4463-DB0F-4B06-B403-B3606B386F02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0as:*:*:*:*:*:*:*",
"matchCriteriaId": "97410577-A005-49B6-981C-535B3484E72F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*",
"matchCriteriaId": "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0B441A-3A09-4A58-8A40-D463003A50BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEFD3AD-EFA2-4808-801E-B98E4C63AA76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4bs:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B3F96-B342-4AFC-A511-7A735B961ECD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4cs:*:*:*:*:*:*:*",
"matchCriteriaId": "9E203E52-0A3A-4910-863D-05FEF537C9B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4ds:*:*:*:*:*:*:*",
"matchCriteriaId": "DED2D791-4142-4B9E-8401-6B63357536B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4es:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6442B5-A87E-493B-98D5-F954B5A001BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4gs:*:*:*:*:*:*:*",
"matchCriteriaId": "8794DA1D-9EE8-4139-B8E9-061A73CFD5F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBEF4B2-EA12-445A-823E-E0E5343A405E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5as:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAC484-1C4F-4CA8-B8E1-6EE0E9497A4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "844E7CEC-5CB6-47AE-95F7-75693347C08E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6bs:*:*:*:*:*:*:*",
"matchCriteriaId": "E50A67CE-EB1C-4BFA-AB40-BCF6CDF168BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "147A245E-9A5D-4178-A1AC-5B0D41C3B730"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7bs:*:*:*:*:*:*:*",
"matchCriteriaId": "27F66514-B9C4-422E-B68E-406608302E03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7s:*:*:*:*:*:*:*",
"matchCriteriaId": "E2438157-4D9C-4E16-9D2A-759A8F6CDDE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.8s:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECC01E-E59F-4AED-AE51-7EE6B5E717E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "141FFB5E-EA72-4FC1-B87A-B5E2D5FCFE2A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "FE444B39-D025-471B-835E-88671212ACAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "EE81AA43-88D4-4EFC-B8F6-A41EFF437819"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0sp:*:*:*:*:*:*:*",
"matchCriteriaId": "C18E6308-7A34-43E3-9AD8-5FB52B31ACB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1bsp:*:*:*:*:*:*:*",
"matchCriteriaId": "80EE163D-D9EC-46A1-826A-54F8F3A3FFBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1gsp:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3170E3-0BCC-4C5F-8E6C-5E91E8C4E7A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1hsp:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCDB353-DD15-4C91-AD2A-73649C012E08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1isp:*:*:*:*:*:*:*",
"matchCriteriaId": "7D7DAAE1-BB3F-4FBA-A6ED-3BABC9196C1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEBCBF7-D1CF-488F-BB3E-F864F901A96A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1sp:*:*:*:*:*:*:*",
"matchCriteriaId": "06BBE88E-FEFB-4B90-91D1-4F053FA0EA47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8CCA19-1D1C-45C0-A1A0-CED5885AD580"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2sp:*:*:*:*:*:*:*",
"matchCriteriaId": "014224BF-926E-470C-A133-84036D8AD533"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "4063CCF8-19BE-4411-B71B-147BB146700B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3sp:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE8E0D1-E4AD-4648-BCF0-AE11B93D22B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "186ADB50-A4D4-4B32-884D-3195E7770346"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.4sp:*:*:*:*:*:*:*",
"matchCriteriaId": "334F278A-CFEB-4145-9D8D-EFC36A1BF258"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0B905E-4D92-4FD6-B2FF-41FF1F59A948"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62EDEC28-661E-42EF-88F0-F62D0220D2E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBD681F-7969-42BE-A47E-7C287755DCB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/107615",
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-rsp3-ospf",
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}