CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

CVE-2019-1672 (GCVE-0-2019-1672)

Vulnerability from cvelistv5 – Published: 2019-02-08 18:00 – Updated: 2024-11-19 19:17
Title
Cisco Web Security Appliance Decryption Policy Bypass Vulnerability
Summary
A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Releases 10.1.x and 10.5.x are affected.
References
  • https://tools.cisco.com/security/center/content/C… (tags: vendor-advisory, x_refsource_CISCO)
  • http://www.securityfocus.com/bid/106904 (tags: vdb-entry, x_refsource_BID)
Impacted products
  • Vendor: Cisco; Product: Cisco Web Security Appliance (WSA); Affected versions: 10.1, 10.5
Date Public
2019-02-06 00:00

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:20:28.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190206 Cisco Web Security Appliance Decryption Policy Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-wsa-bypass"
          },
          {
            "name": "106904",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106904"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1672",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:25:29.179775Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:17:07.018Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Web Security Appliance (WSA)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "10.5"
            }
          ]
        }
      ],
      "datePublic": "2019-02-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Releases 10.1.x and 10.5.x are affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-02-09T10:57:01.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190206 Cisco Web Security Appliance Decryption Policy Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-wsa-bypass"
        },
        {
          "name": "106904",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106904"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190206-wsa-bypass",
        "defect": [
          [
            "CSCvm91630"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Web Security Appliance Decryption Policy Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-02-06T16:00:00-0800",
          "ID": "CVE-2019-1672",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Web Security Appliance Decryption Policy Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Web Security Appliance (WSA)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "10.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Releases 10.1.x and 10.5.x are affected."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190206 Cisco Web Security Appliance Decryption Policy Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-wsa-bypass"
            },
            {
              "name": "106904",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106904"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190206-wsa-bypass",
          "defect": [
            [
              "CSCvm91630"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1672",
    "datePublished": "2019-02-08T18:00:00.000Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-19T19:17:07.018Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-16764 (GCVE-0-2019-16764)

Vulnerability from cvelistv5 – Published: 2019-11-25 17:11 – Updated: 2024-08-05 01:24
Title
PowAssent is susceptible to denial of service attacks
Summary
The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to_atom/1` is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe as it is user provided data, and can be used to fill up the whole atom table of ~1M which will cause the app to crash.
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Impacted products
  • Vendor: pow-auth; Product: pow_assent; Affected versions: < 0.4.4 (custom)

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:24:47.215Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/pow-auth/pow_assent/security/advisories/GHSA-368c-xvrv-x986"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hex.pm/packages/pow_assent"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://erlang.org/doc/efficiency_guide/commoncaveats.html#list_to_atom-1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/pow-auth/pow_assent/commit/026105eeecc0e3c2f807e7109e745ea93c0fd9cf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "pow_assent",
          "vendor": "pow-auth",
          "versions": [
            {
              "lessThan": "0.4.4",
              "status": "affected",
              "version": "\u003c 0.4.4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to_atom/1` is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe as it is user provided data, and can be used to fill up the whole atom table of ~1M which will cause the app to crash."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-25T17:11:19.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/pow-auth/pow_assent/security/advisories/GHSA-368c-xvrv-x986"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hex.pm/packages/pow_assent"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://erlang.org/doc/efficiency_guide/commoncaveats.html#list_to_atom-1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pow-auth/pow_assent/commit/026105eeecc0e3c2f807e7109e745ea93c0fd9cf"
        }
      ],
      "source": {
        "advisory": "GHSA-368c-xvrv-x986",
        "discovery": "UNKNOWN"
      },
      "title": "PowAssent is susceptible to denial of service attacks",
      "workarounds": [
        {
          "lang": "en",
          "value": "A plug can be used to validate conn.params[\"provider\"] before it reaches the PowAssent.Phoenix.AuthorizationController."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2019-16764",
          "STATE": "PUBLIC",
          "TITLE": "PowAssent is susceptible to denial of service attacks"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "pow_assent",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "\u003c 0.4.4",
                            "version_value": "0.4.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "pow-auth"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to_atom/1` is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe as it is user provided data, and can be used to fill up the whole atom table of ~1M which will cause the app to crash."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400 Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/pow-auth/pow_assent/security/advisories/GHSA-368c-xvrv-x986",
              "refsource": "CONFIRM",
              "url": "https://github.com/pow-auth/pow_assent/security/advisories/GHSA-368c-xvrv-x986"
            },
            {
              "name": "https://hex.pm/packages/pow_assent",
              "refsource": "MISC",
              "url": "https://hex.pm/packages/pow_assent"
            },
            {
              "name": "http://erlang.org/doc/efficiency_guide/commoncaveats.html#list_to_atom-1",
              "refsource": "MISC",
              "url": "http://erlang.org/doc/efficiency_guide/commoncaveats.html#list_to_atom-1"
            },
            {
              "name": "https://github.com/pow-auth/pow_assent/commit/026105eeecc0e3c2f807e7109e745ea93c0fd9cf",
              "refsource": "MISC",
              "url": "https://github.com/pow-auth/pow_assent/commit/026105eeecc0e3c2f807e7109e745ea93c0fd9cf"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-368c-xvrv-x986",
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "A plug can be used to validate conn.params[\"provider\"] before it reaches the PowAssent.Phoenix.AuthorizationController."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2019-16764",
    "datePublished": "2019-11-25T17:11:19.000Z",
    "dateReserved": "2019-09-24T00:00:00.000Z",
    "dateUpdated": "2024-08-05T01:24:47.215Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1696 (GCVE-0-2019-1696)

Vulnerability from cvelistv5 – Published: 2019-05-03 15:10 – Updated: 2024-11-19 19:09
Title
Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities
Summary
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
References
  • https://tools.cisco.com/security/center/content/C… (tags: vendor-advisory, x_refsource_CISCO)
  • http://www.securityfocus.com/bid/108171 (tags: vdb-entry, x_refsource_BID)
Impacted products
  • Vendor: Cisco; Product: Cisco Firepower Threat Defense Software; Affected versions: unspecified, < 6.2.3.12 (custom)
Date Public
2019-05-01 00:00

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.083Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
          },
          {
            "name": "108171",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108171"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1696",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:30.595617Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:09:35.484Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T13:06:06.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
        },
        {
          "name": "108171",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108171"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-frpwr-smb-snort",
        "defect": [
          [
            "CSCvj83264",
            "CSCvj91418"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1696",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
            },
            {
              "name": "108171",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108171"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-frpwr-smb-snort",
          "defect": [
            [
              "CSCvj83264",
              "CSCvj91418"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1696",
    "datePublished": "2019-05-03T15:10:15.109Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-19T19:09:35.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1703 (GCVE-0-2019-1703)

Vulnerability from cvelistv5 – Published: 2019-05-03 16:00 – Updated: 2024-11-19 19:09
Title
Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability
Summary
A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually.
References
  • https://tools.cisco.com/security/center/content/C… (tags: vendor-advisory, x_refsource_CISCO)
  • http://www.securityfocus.com/bid/108170 (tags: vdb-entry, x_refsource_BID)
Impacted products
  • Vendor: Cisco; Product: Cisco Firepower Threat Defense Software; Affected versions: unspecified, < 6.2.3.12 (custom)
Date Public
2019-05-01 00:00

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.326Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos"
          },
          {
            "name": "108170",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108170"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1703",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:26.054970Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:09:06.294Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T11:06:05.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos"
        },
        {
          "name": "108170",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108170"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-frpwr-dos",
        "defect": [
          [
            "CSCvj62504"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1703",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos"
            },
            {
              "name": "108170",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108170"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-frpwr-dos",
          "defect": [
            [
              "CSCvj62504"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1703",
    "datePublished": "2019-05-03T16:00:26.411Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-19T19:09:06.294Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1704 (GCVE-0-2019-1704)

Vulnerability from cvelistv5 – Published: 2019-05-03 16:00 – Updated: 2024-11-19 19:09
Title
Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities
Summary
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/108171 vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco Firepower Threat Defense Software Affected: unspecified , < 6.2.3.12 (custom)
Date Public
2019-05-01 00:00

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:41.709Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
          },
          {
            "name": "108171",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108171"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1704",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:27.983301Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:09:18.873Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2.3.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T13:06:06.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
        },
        {
          "name": "108171",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108171"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190501-frpwr-smb-snort",
        "defect": [
          [
            "CSCvj83264",
            "CSCvj91418"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-01T16:00:00-0700",
          "ID": "CVE-2019-1704",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2.3.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort"
            },
            {
              "name": "108171",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108171"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190501-frpwr-smb-snort",
          "defect": [
            [
              "CSCvj83264",
              "CSCvj91418"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1704",
    "datePublished": "2019-05-03T16:00:18.730Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-19T19:09:18.873Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1737 (GCVE-0-2019-1737)

Vulnerability from cvelistv5 – Published: 2019-03-27 23:05 – Updated: 2024-11-19 19:14
Title
Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability
Summary
A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA responder application code. An attacker could exploit this vulnerability by sending crafted IP SLA packets to an affected device. An exploit could allow the attacker to cause an interface to become wedged, resulting in an eventual denial of service (DoS) condition on the affected device.
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/107604 vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco IOS and IOS-XE Software Affected: 3.7.0S
Affected: 3.7.1S
Affected: 3.7.2S
Affected: 3.7.3S
Affected: 3.7.4S
Affected: 3.7.5S
Affected: 3.7.6S
Affected: 3.7.7S
Affected: 3.7.8S
Affected: 3.7.4aS
Affected: 3.7.2tS
Affected: 3.7.0bS
Affected: 3.7.1aS
Affected: 3.8.0S
Affected: 3.8.1S
Affected: 3.8.2S
Affected: 3.9.1S
Affected: 3.9.0S
Affected: 3.9.2S
Affected: 3.9.1aS
Affected: 3.9.0aS
Affected: 3.2.0SE
Affected: 3.2.1SE
Affected: 3.2.2SE
Affected: 3.2.3SE
Affected: 3.3.0SE
Affected: 3.3.1SE
Affected: 3.3.2SE
Affected: 3.3.3SE
Affected: 3.3.4SE
Affected: 3.3.5SE
Affected: 3.3.0XO
Affected: 3.3.1XO
Affected: 3.3.2XO
Affected: 3.4.0SG
Affected: 3.4.2SG
Affected: 3.4.1SG
Affected: 3.4.3SG
Affected: 3.4.4SG
Affected: 3.4.5SG
Affected: 3.4.6SG
Affected: 3.4.7SG
Affected: 3.4.8SG
Affected: 3.5.0E
Affected: 3.5.1E
Affected: 3.5.2E
Affected: 3.5.3E
Affected: 3.10.0S
Affected: 3.10.1S
Affected: 3.10.2S
Affected: 3.10.3S
Affected: 3.10.4S
Affected: 3.10.5S
Affected: 3.10.6S
Affected: 3.10.2aS
Affected: 3.10.2tS
Affected: 3.10.7S
Affected: 3.10.8S
Affected: 3.10.8aS
Affected: 3.10.9S
Affected: 3.10.10S
Affected: 3.11.1S
Affected: 3.11.2S
Affected: 3.11.0S
Affected: 3.11.3S
Affected: 3.11.4S
Affected: 3.12.0S
Affected: 3.12.1S
Affected: 3.12.2S
Affected: 3.12.3S
Affected: 3.12.0aS
Affected: 3.12.4S
Affected: 3.13.0S
Affected: 3.13.1S
Affected: 3.13.2S
Affected: 3.13.3S
Affected: 3.13.4S
Affected: 3.13.5S
Affected: 3.13.2aS
Affected: 3.13.0aS
Affected: 3.13.5aS
Affected: 3.13.6S
Affected: 3.13.7S
Affected: 3.13.6aS
Affected: 3.13.6bS
Affected: 3.13.7aS
Affected: 3.13.8S
Affected: 3.6.0E
Affected: 3.6.1E
Affected: 3.6.0aE
Affected: 3.6.0bE
Affected: 3.6.2aE
Affected: 3.6.2E
Affected: 3.6.3E
Affected: 3.6.4E
Affected: 3.6.5E
Affected: 3.6.6E
Affected: 3.6.5aE
Affected: 3.6.5bE
Affected: 3.6.7E
Affected: 3.6.7aE
Affected: 3.6.7bE
Affected: 3.14.0S
Affected: 3.14.1S
Affected: 3.14.2S
Affected: 3.14.3S
Affected: 3.14.4S
Affected: 3.15.0S
Affected: 3.15.1S
Affected: 3.15.2S
Affected: 3.15.1cS
Affected: 3.15.3S
Affected: 3.15.4S
Affected: 3.7.0E
Affected: 3.7.1E
Affected: 3.7.2E
Affected: 3.7.3E
Affected: 3.7.4E
Affected: 3.7.5E
Affected: 3.16.0S
Affected: 3.16.1S
Affected: 3.16.0aS
Affected: 3.16.1aS
Affected: 3.16.2S
Affected: 3.16.2aS
Affected: 3.16.0bS
Affected: 3.16.0cS
Affected: 3.16.3S
Affected: 3.16.2bS
Affected: 3.16.3aS
Affected: 3.16.4S
Affected: 3.16.4aS
Affected: 3.16.4bS
Affected: 3.16.4gS
Affected: 3.16.5S
Affected: 3.16.4cS
Affected: 3.16.4dS
Affected: 3.16.4eS
Affected: 3.16.6S
Affected: 3.16.5aS
Affected: 3.16.5bS
Affected: 3.16.6bS
Affected: 3.17.0S
Affected: 3.17.1S
Affected: 3.17.2S
Affected: 3.17.1aS
Affected: 3.17.3S
Affected: 3.17.4S
Affected: 16.1.1
Affected: 16.1.2
Affected: 16.1.3
Affected: 3.2.0JA
Affected: 16.2.1
Affected: 16.2.2
Affected: 3.8.0E
Affected: 3.8.1E
Affected: 3.8.2E
Affected: 3.8.3E
Affected: 3.8.4E
Affected: 3.8.5E
Affected: 3.8.5aE
Affected: 16.3.1
Affected: 16.3.2
Affected: 16.3.3
Affected: 16.3.1a
Affected: 16.3.4
Affected: 16.4.1
Affected: 16.4.2
Affected: 16.5.1
Affected: 16.5.1a
Affected: 16.5.1b
Affected: 16.5.2
Affected: 16.5.3
Affected: 3.18.0aS
Affected: 3.18.0S
Affected: 3.18.1S
Affected: 3.18.2S
Affected: 3.18.3S
Affected: 3.18.4S
Affected: 3.18.0SP
Affected: 3.18.1SP
Affected: 3.18.1aSP
Affected: 3.18.1gSP
Affected: 3.18.1bSP
Affected: 3.18.1cSP
Affected: 3.18.2SP
Affected: 3.18.1hSP
Affected: 3.18.2aSP
Affected: 3.18.1iSP
Affected: 3.9.0E
Affected: 3.9.1E
Affected: 3.9.2E
Affected: 3.9.2bE
Affected: 16.6.1
Affected: 3.10.0E
Affected: 3.10.0cE
Date Public
2019-03-27 00:00

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.695Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190327 Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos"
          },
          {
            "name": "107604",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107604"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1737",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:25:10.803665Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:14:15.287Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS and IOS-XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.7.0S"
            },
            {
              "status": "affected",
              "version": "3.7.1S"
            },
            {
              "status": "affected",
              "version": "3.7.2S"
            },
            {
              "status": "affected",
              "version": "3.7.3S"
            },
            {
              "status": "affected",
              "version": "3.7.4S"
            },
            {
              "status": "affected",
              "version": "3.7.5S"
            },
            {
              "status": "affected",
              "version": "3.7.6S"
            },
            {
              "status": "affected",
              "version": "3.7.7S"
            },
            {
              "status": "affected",
              "version": "3.7.8S"
            },
            {
              "status": "affected",
              "version": "3.7.4aS"
            },
            {
              "status": "affected",
              "version": "3.7.2tS"
            },
            {
              "status": "affected",
              "version": "3.7.0bS"
            },
            {
              "status": "affected",
              "version": "3.7.1aS"
            },
            {
              "status": "affected",
              "version": "3.8.0S"
            },
            {
              "status": "affected",
              "version": "3.8.1S"
            },
            {
              "status": "affected",
              "version": "3.8.2S"
            },
            {
              "status": "affected",
              "version": "3.9.1S"
            },
            {
              "status": "affected",
              "version": "3.9.0S"
            },
            {
              "status": "affected",
              "version": "3.9.2S"
            },
            {
              "status": "affected",
              "version": "3.9.1aS"
            },
            {
              "status": "affected",
              "version": "3.9.0aS"
            },
            {
              "status": "affected",
              "version": "3.2.0SE"
            },
            {
              "status": "affected",
              "version": "3.2.1SE"
            },
            {
              "status": "affected",
              "version": "3.2.2SE"
            },
            {
              "status": "affected",
              "version": "3.2.3SE"
            },
            {
              "status": "affected",
              "version": "3.3.0SE"
            },
            {
              "status": "affected",
              "version": "3.3.1SE"
            },
            {
              "status": "affected",
              "version": "3.3.2SE"
            },
            {
              "status": "affected",
              "version": "3.3.3SE"
            },
            {
              "status": "affected",
              "version": "3.3.4SE"
            },
            {
              "status": "affected",
              "version": "3.3.5SE"
            },
            {
              "status": "affected",
              "version": "3.3.0XO"
            },
            {
              "status": "affected",
              "version": "3.3.1XO"
            },
            {
              "status": "affected",
              "version": "3.3.2XO"
            },
            {
              "status": "affected",
              "version": "3.4.0SG"
            },
            {
              "status": "affected",
              "version": "3.4.2SG"
            },
            {
              "status": "affected",
              "version": "3.4.1SG"
            },
            {
              "status": "affected",
              "version": "3.4.3SG"
            },
            {
              "status": "affected",
              "version": "3.4.4SG"
            },
            {
              "status": "affected",
              "version": "3.4.5SG"
            },
            {
              "status": "affected",
              "version": "3.4.6SG"
            },
            {
              "status": "affected",
              "version": "3.4.7SG"
            },
            {
              "status": "affected",
              "version": "3.4.8SG"
            },
            {
              "status": "affected",
              "version": "3.5.0E"
            },
            {
              "status": "affected",
              "version": "3.5.1E"
            },
            {
              "status": "affected",
              "version": "3.5.2E"
            },
            {
              "status": "affected",
              "version": "3.5.3E"
            },
            {
              "status": "affected",
              "version": "3.10.0S"
            },
            {
              "status": "affected",
              "version": "3.10.1S"
            },
            {
              "status": "affected",
              "version": "3.10.2S"
            },
            {
              "status": "affected",
              "version": "3.10.3S"
            },
            {
              "status": "affected",
              "version": "3.10.4S"
            },
            {
              "status": "affected",
              "version": "3.10.5S"
            },
            {
              "status": "affected",
              "version": "3.10.6S"
            },
            {
              "status": "affected",
              "version": "3.10.2aS"
            },
            {
              "status": "affected",
              "version": "3.10.2tS"
            },
            {
              "status": "affected",
              "version": "3.10.7S"
            },
            {
              "status": "affected",
              "version": "3.10.8S"
            },
            {
              "status": "affected",
              "version": "3.10.8aS"
            },
            {
              "status": "affected",
              "version": "3.10.9S"
            },
            {
              "status": "affected",
              "version": "3.10.10S"
            },
            {
              "status": "affected",
              "version": "3.11.1S"
            },
            {
              "status": "affected",
              "version": "3.11.2S"
            },
            {
              "status": "affected",
              "version": "3.11.0S"
            },
            {
              "status": "affected",
              "version": "3.11.3S"
            },
            {
              "status": "affected",
              "version": "3.11.4S"
            },
            {
              "status": "affected",
              "version": "3.12.0S"
            },
            {
              "status": "affected",
              "version": "3.12.1S"
            },
            {
              "status": "affected",
              "version": "3.12.2S"
            },
            {
              "status": "affected",
              "version": "3.12.3S"
            },
            {
              "status": "affected",
              "version": "3.12.0aS"
            },
            {
              "status": "affected",
              "version": "3.12.4S"
            },
            {
              "status": "affected",
              "version": "3.13.0S"
            },
            {
              "status": "affected",
              "version": "3.13.1S"
            },
            {
              "status": "affected",
              "version": "3.13.2S"
            },
            {
              "status": "affected",
              "version": "3.13.3S"
            },
            {
              "status": "affected",
              "version": "3.13.4S"
            },
            {
              "status": "affected",
              "version": "3.13.5S"
            },
            {
              "status": "affected",
              "version": "3.13.2aS"
            },
            {
              "status": "affected",
              "version": "3.13.0aS"
            },
            {
              "status": "affected",
              "version": "3.13.5aS"
            },
            {
              "status": "affected",
              "version": "3.13.6S"
            },
            {
              "status": "affected",
              "version": "3.13.7S"
            },
            {
              "status": "affected",
              "version": "3.13.6aS"
            },
            {
              "status": "affected",
              "version": "3.13.6bS"
            },
            {
              "status": "affected",
              "version": "3.13.7aS"
            },
            {
              "status": "affected",
              "version": "3.13.8S"
            },
            {
              "status": "affected",
              "version": "3.6.0E"
            },
            {
              "status": "affected",
              "version": "3.6.1E"
            },
            {
              "status": "affected",
              "version": "3.6.0aE"
            },
            {
              "status": "affected",
              "version": "3.6.0bE"
            },
            {
              "status": "affected",
              "version": "3.6.2aE"
            },
            {
              "status": "affected",
              "version": "3.6.2E"
            },
            {
              "status": "affected",
              "version": "3.6.3E"
            },
            {
              "status": "affected",
              "version": "3.6.4E"
            },
            {
              "status": "affected",
              "version": "3.6.5E"
            },
            {
              "status": "affected",
              "version": "3.6.6E"
            },
            {
              "status": "affected",
              "version": "3.6.5aE"
            },
            {
              "status": "affected",
              "version": "3.6.5bE"
            },
            {
              "status": "affected",
              "version": "3.6.7E"
            },
            {
              "status": "affected",
              "version": "3.6.7aE"
            },
            {
              "status": "affected",
              "version": "3.6.7bE"
            },
            {
              "status": "affected",
              "version": "3.14.0S"
            },
            {
              "status": "affected",
              "version": "3.14.1S"
            },
            {
              "status": "affected",
              "version": "3.14.2S"
            },
            {
              "status": "affected",
              "version": "3.14.3S"
            },
            {
              "status": "affected",
              "version": "3.14.4S"
            },
            {
              "status": "affected",
              "version": "3.15.0S"
            },
            {
              "status": "affected",
              "version": "3.15.1S"
            },
            {
              "status": "affected",
              "version": "3.15.2S"
            },
            {
              "status": "affected",
              "version": "3.15.1cS"
            },
            {
              "status": "affected",
              "version": "3.15.3S"
            },
            {
              "status": "affected",
              "version": "3.15.4S"
            },
            {
              "status": "affected",
              "version": "3.7.0E"
            },
            {
              "status": "affected",
              "version": "3.7.1E"
            },
            {
              "status": "affected",
              "version": "3.7.2E"
            },
            {
              "status": "affected",
              "version": "3.7.3E"
            },
            {
              "status": "affected",
              "version": "3.7.4E"
            },
            {
              "status": "affected",
              "version": "3.7.5E"
            },
            {
              "status": "affected",
              "version": "3.16.0S"
            },
            {
              "status": "affected",
              "version": "3.16.1S"
            },
            {
              "status": "affected",
              "version": "3.16.0aS"
            },
            {
              "status": "affected",
              "version": "3.16.1aS"
            },
            {
              "status": "affected",
              "version": "3.16.2S"
            },
            {
              "status": "affected",
              "version": "3.16.2aS"
            },
            {
              "status": "affected",
              "version": "3.16.0bS"
            },
            {
              "status": "affected",
              "version": "3.16.0cS"
            },
            {
              "status": "affected",
              "version": "3.16.3S"
            },
            {
              "status": "affected",
              "version": "3.16.2bS"
            },
            {
              "status": "affected",
              "version": "3.16.3aS"
            },
            {
              "status": "affected",
              "version": "3.16.4S"
            },
            {
              "status": "affected",
              "version": "3.16.4aS"
            },
            {
              "status": "affected",
              "version": "3.16.4bS"
            },
            {
              "status": "affected",
              "version": "3.16.4gS"
            },
            {
              "status": "affected",
              "version": "3.16.5S"
            },
            {
              "status": "affected",
              "version": "3.16.4cS"
            },
            {
              "status": "affected",
              "version": "3.16.4dS"
            },
            {
              "status": "affected",
              "version": "3.16.4eS"
            },
            {
              "status": "affected",
              "version": "3.16.6S"
            },
            {
              "status": "affected",
              "version": "3.16.5aS"
            },
            {
              "status": "affected",
              "version": "3.16.5bS"
            },
            {
              "status": "affected",
              "version": "3.16.6bS"
            },
            {
              "status": "affected",
              "version": "3.17.0S"
            },
            {
              "status": "affected",
              "version": "3.17.1S"
            },
            {
              "status": "affected",
              "version": "3.17.2S"
            },
            {
              "status": "affected",
              "version": "3.17.1aS"
            },
            {
              "status": "affected",
              "version": "3.17.3S"
            },
            {
              "status": "affected",
              "version": "3.17.4S"
            },
            {
              "status": "affected",
              "version": "16.1.1"
            },
            {
              "status": "affected",
              "version": "16.1.2"
            },
            {
              "status": "affected",
              "version": "16.1.3"
            },
            {
              "status": "affected",
              "version": "3.2.0JA"
            },
            {
              "status": "affected",
              "version": "16.2.1"
            },
            {
              "status": "affected",
              "version": "16.2.2"
            },
            {
              "status": "affected",
              "version": "3.8.0E"
            },
            {
              "status": "affected",
              "version": "3.8.1E"
            },
            {
              "status": "affected",
              "version": "3.8.2E"
            },
            {
              "status": "affected",
              "version": "3.8.3E"
            },
            {
              "status": "affected",
              "version": "3.8.4E"
            },
            {
              "status": "affected",
              "version": "3.8.5E"
            },
            {
              "status": "affected",
              "version": "3.8.5aE"
            },
            {
              "status": "affected",
              "version": "16.3.1"
            },
            {
              "status": "affected",
              "version": "16.3.2"
            },
            {
              "status": "affected",
              "version": "16.3.3"
            },
            {
              "status": "affected",
              "version": "16.3.1a"
            },
            {
              "status": "affected",
              "version": "16.3.4"
            },
            {
              "status": "affected",
              "version": "16.4.1"
            },
            {
              "status": "affected",
              "version": "16.4.2"
            },
            {
              "status": "affected",
              "version": "16.5.1"
            },
            {
              "status": "affected",
              "version": "16.5.1a"
            },
            {
              "status": "affected",
              "version": "16.5.1b"
            },
            {
              "status": "affected",
              "version": "16.5.2"
            },
            {
              "status": "affected",
              "version": "16.5.3"
            },
            {
              "status": "affected",
              "version": "3.18.0aS"
            },
            {
              "status": "affected",
              "version": "3.18.0S"
            },
            {
              "status": "affected",
              "version": "3.18.1S"
            },
            {
              "status": "affected",
              "version": "3.18.2S"
            },
            {
              "status": "affected",
              "version": "3.18.3S"
            },
            {
              "status": "affected",
              "version": "3.18.4S"
            },
            {
              "status": "affected",
              "version": "3.18.0SP"
            },
            {
              "status": "affected",
              "version": "3.18.1SP"
            },
            {
              "status": "affected",
              "version": "3.18.1aSP"
            },
            {
              "status": "affected",
              "version": "3.18.1gSP"
            },
            {
              "status": "affected",
              "version": "3.18.1bSP"
            },
            {
              "status": "affected",
              "version": "3.18.1cSP"
            },
            {
              "status": "affected",
              "version": "3.18.2SP"
            },
            {
              "status": "affected",
              "version": "3.18.1hSP"
            },
            {
              "status": "affected",
              "version": "3.18.2aSP"
            },
            {
              "status": "affected",
              "version": "3.18.1iSP"
            },
            {
              "status": "affected",
              "version": "3.9.0E"
            },
            {
              "status": "affected",
              "version": "3.9.1E"
            },
            {
              "status": "affected",
              "version": "3.9.2E"
            },
            {
              "status": "affected",
              "version": "3.9.2bE"
            },
            {
              "status": "affected",
              "version": "16.6.1"
            },
            {
              "status": "affected",
              "version": "3.10.0E"
            },
            {
              "status": "affected",
              "version": "3.10.0cE"
            }
          ]
        }
      ],
      "datePublic": "2019-03-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA responder application code. An attacker could exploit this vulnerability by sending crafted IP SLA packets to an affected device. An exploit could allow the attacker to cause an interface to become wedged, resulting in an eventual denial of service (DoS) condition on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-28T11:06:06.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190327 Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos"
        },
        {
          "name": "107604",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107604"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190327-ipsla-dos",
        "defect": [
          [
            "CSCvf37838"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-03-27T16:00:00-0700",
          "ID": "CVE-2019-1737",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS and IOS-XE Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "3.7.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.5S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.6S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.7S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.8S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.4aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.2tS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.0bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.1aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.1aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.0SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.1SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.2SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.3SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.0SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.1SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.2SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.3SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.4SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.5SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.0XO"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.1XO"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.2XO"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.0SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.2SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.1SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.3SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.4SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.5SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.6SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.7SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.8SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.3E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.5S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.6S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.2aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.2tS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.7S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.8S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.8aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.9S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.10S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.5S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.2aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.5aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.6S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.7S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.6aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.6bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.7aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.8S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.0aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.0bE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.2aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.3E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.4E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.5E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.6E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.5aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.5bE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.7E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.7aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.7bE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.1cS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.3E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.4E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.5E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.1aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.2aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.0bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.0cS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.2bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.3aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4gS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.5S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4cS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4dS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4eS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.6S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.5aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.5bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.6bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.1aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.1.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.1.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.1.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.0JA"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.2.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.2.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.3E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.4E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.5E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.5aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.1a"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.4"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.4.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.4.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.1a"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.1b"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.0SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1aSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1gSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1bSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1cSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.2SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1hSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.2aSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1iSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.2bE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.6.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.0cE"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA responder application code. An attacker could exploit this vulnerability by sending crafted IP SLA packets to an affected device. An exploit could allow the attacker to cause an interface to become wedged, resulting in an eventual denial of service (DoS) condition on the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190327 Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos"
            },
            {
              "name": "107604",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107604"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190327-ipsla-dos",
          "defect": [
            [
              "CSCvf37838"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1737",
    "datePublished": "2019-03-27T23:05:13.764Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-19T19:14:15.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1814 (GCVE-0-2019-1814)

Vulnerability from cvelistv5 – Published: 2019-05-15 23:45 – Updated: 2024-11-21 19:25
Title
Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability
Summary
A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and result in a denial of service (DoS) condition on an affected device. The vulnerability is due to a failure to free system memory when an unexpected DHCP request is received. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the targeted device. A successful exploit could allow the attacker to cause an unexpected reload of the device.
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/108344 vdb-entry, x_refsource_BID
Date Public
2019-05-15 00:00

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.813Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190515 Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb300sms-dhcp"
          },
          {
            "name": "108344",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108344"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1814",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:58:31.696603Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:25:40.906Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Small Business 300 Series Managed Switches",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "1.4.0.88"
            }
          ]
        }
      ],
      "datePublic": "2019-05-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and result in a denial of service (DoS) condition on an affected device. The vulnerability is due to a failure to free system memory when an unexpected DHCP request is received. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the targeted device. A successful exploit could allow the attacker to cause an unexpected reload of the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-16T13:06:32.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190515 Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb300sms-dhcp"
        },
        {
          "name": "108344",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108344"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190515-sb300sms-dhcp",
        "defect": [
          [
            "CSCvn17215"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-15T16:00:00-0700",
          "ID": "CVE-2019-1814",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Small Business 300 Series Managed Switches",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.4.0.88"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and result in a denial of service (DoS) condition on an affected device. The vulnerability is due to a failure to free system memory when an unexpected DHCP request is received. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the targeted device. A successful exploit could allow the attacker to cause an unexpected reload of the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190515 Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb300sms-dhcp"
            },
            {
              "name": "108344",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108344"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190515-sb300sms-dhcp",
          "defect": [
            [
              "CSCvn17215"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1814",
    "datePublished": "2019-05-15T23:45:15.298Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-21T19:25:40.906Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-18336 (GCVE-0-2019-18336)

Vulnerability from cvelistv5 – Published: 2020-03-10 19:16 – Updated: 2024-08-05 01:54
Summary
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interaction is required. At the time of advisory publication no public exploitation of this security vulnerability was known.
Severity
No CVSS data available.
CWE
  • CWE-400 - Uncontrolled Resource Consumption

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:54:14.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.X.17"
            }
          ]
        },
        {
          "product": "SIMATIC TDC CP51M1",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.8"
            }
          ]
        },
        {
          "product": "SIMATIC TDC CPU555",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.1"
            }
          ]
        },
        {
          "product": "SINUMERIK 840D sl",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8.6"
            }
          ]
        },
        {
          "product": "SINUMERIK 840D sl",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.94"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V3.X.17), SIMATIC TDC CP51M1 (All versions \u003c V1.1.8), SIMATIC TDC CPU555 (All versions \u003c V1.1.1), SINUMERIK 840D sl (All versions \u003c V4.8.6), SINUMERIK 840D sl (All versions \u003c V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-14T13:18:04.000Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-18336",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.X.17"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC TDC CP51M1",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V1.1.8"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC TDC CPU555",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V1.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINUMERIK 840D sl",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.8.6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINUMERIK 840D sl",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.94"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V3.X.17), SIMATIC TDC CP51M1 (All versions \u003c V1.1.8), SIMATIC TDC CPU555 (All versions \u003c V1.1.1), SINUMERIK 840D sl (All versions \u003c V4.8.6), SINUMERIK 840D sl (All versions \u003c V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-18336",
    "datePublished": "2020-03-10T19:16:17.000Z",
    "dateReserved": "2019-10-23T00:00:00.000Z",
    "dateUpdated": "2024-08-05T01:54:14.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1873 (GCVE-0-2019-1873)

Vulnerability from cvelistv5 – Published: 2019-07-10 17:30 – Updated: 2024-11-19 19:02
Title
Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability
Summary
A vulnerability in the cryptographic driver for Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly. The vulnerability is due to incomplete input validation of a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) ingress packet header. An attacker could exploit this vulnerability by sending a crafted TLS/SSL packet to an interface on the targeted device. An exploit could allow the attacker to cause the device to reload, which will result in a denial of service (DoS) condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. A valid SSL or TLS session is required to exploit this vulnerability.
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/109123 vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco Adaptive Security Appliance (ASA) Software Affected: unspecified , < 9.4.4.36 (custom)
Affected: unspecified , < 9.6.4.29 (custom)
Affected: unspecified , < 9.8.4.3 (custom)
Affected: unspecified , < 9.9.2.52 (custom)
Affected: unspecified , < 9.10.1.22 (custom)
Affected: unspecified , < 9.12.2 (custom)
Date Public
2019-07-10 00:00

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.953Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190710 Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190710-asa-ftd-dos"
          },
          {
            "name": "109123",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/109123"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1873",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:23:38.971572Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:02:44.121Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Adaptive Security Appliance (ASA) Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "9.4.4.36",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.6.4.29",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.8.4.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.9.2.52",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.10.1.22",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.12.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-07-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the cryptographic driver for Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly. The vulnerability is due to incomplete input validation of a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) ingress packet header. An attacker could exploit this vulnerability by sending a crafted TLS/SSL packet to an interface on the targeted device. An exploit could allow the attacker to cause the device to reload, which will result in a denial of service (DoS) condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. A valid SSL or TLS session is required to exploit this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-12T12:06:04.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190710 Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190710-asa-ftd-dos"
        },
        {
          "name": "109123",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/109123"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190710-asa-ftd-dos",
        "defect": [
          [
            "CSCvp36425"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-07-10T16:00:00-0700",
          "ID": "CVE-2019-1873",
          "STATE": "PUBLIC",
          "TITLE": "Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Adaptive Security Appliance (ASA) Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.4.4.36"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.4.4.36"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.6.4.29"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.8.4.3"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.9.2.52"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.10.1.22"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "9.12.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the cryptographic driver for Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly. The vulnerability is due to incomplete input validation of a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) ingress packet header. An attacker could exploit this vulnerability by sending a crafted TLS/SSL packet to an interface on the targeted device. An exploit could allow the attacker to cause the device to reload, which will result in a denial of service (DoS) condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. A valid SSL or TLS session is required to exploit this vulnerability."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190710 Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190710-asa-ftd-dos"
            },
            {
              "name": "109123",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/109123"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190710-asa-ftd-dos",
          "defect": [
            [
              "CSCvp36425"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1873",
    "datePublished": "2019-07-10T17:30:12.398Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-19T19:02:44.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-18904 (GCVE-0-2019-18904)

Vulnerability from cvelistv5 – Published: 2020-04-03 07:10 – Updated: 2024-09-16 16:58
Title
Migrations requests can cause DoS on rmt
Summary
An Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1.
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Date Public
2020-04-03 00:00

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:02:39.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160922"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.5.2-3.26.1",
              "status": "affected",
              "version": "rmt-server",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.5.2-3.26.1",
              "status": "affected",
              "version": "rmt-server",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Module for Public Cloud 15-SP1",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.5.2-3.9.1",
              "status": "affected",
              "version": "rmt-server",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Module for Server Applications 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.5.2-3.26.1",
              "status": "affected",
              "version": "rmt-server",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Module for Server Applications 15-SP1",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.5.2-3.9.1",
              "status": "affected",
              "version": "rmt-server",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 15-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.5.2-3.26.1",
              "status": "affected",
              "version": "rmt-server",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.5.2-3.26.1",
              "status": "affected",
              "version": "rmt-server",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.5.2-lp151.2.9.1",
              "status": "affected",
              "version": "rmt-server",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-03T07:10:13.000Z",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160922"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160922",
        "defect": [
          "1160922"
        ],
        "discovery": "USER"
      },
      "title": "Migrations requests can cause DoS on rmt",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-04-03T00:00:00.000Z",
          "ID": "CVE-2019-18904",
          "STATE": "PUBLIC",
          "TITLE": "Migrations requests can cause DoS on rmt"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "rmt-server",
                            "version_value": "2.5.2-3.26.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "rmt-server",
                            "version_value": "2.5.2-3.26.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Module for Public Cloud 15-SP1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "rmt-server",
                            "version_value": "2.5.2-3.9.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Module for Server Applications 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "rmt-server",
                            "version_value": "2.5.2-3.26.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Module for Server Applications 15-SP1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "rmt-server",
                            "version_value": "2.5.2-3.9.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 15-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "rmt-server",
                            "version_value": "2.5.2-3.26.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "rmt-server",
                            "version_value": "2.5.2-3.26.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openSUSE Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "rmt-server",
                            "version_value": "2.5.2-lp151.2.9.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1160922",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160922"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160922",
          "defect": [
            "1160922"
          ],
          "discovery": "USER"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-18904",
    "datePublished": "2020-04-03T07:10:13.137Z",
    "dateReserved": "2019-11-12T00:00:00.000Z",
    "dateUpdated": "2024-09-16T16:58:59.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation

Phase: Architecture and Design

Description:

  • Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.

Mitigation

Phase: Architecture and Design

Description:

  • Mitigation of resource exhaustion attacks requires that the target system either:
      • recognizes the attack and denies that user further access for a given amount of time, or
      • uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
  • The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
  • The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.

Mitigation

Phase: Architecture and Design

Description:

  • Ensure that protocols have specific limits of scale placed on them.

Mitigation

Phase: Implementation

Description:

  • Ensure that all failures in resource allocation place the system into a safe posture.

CAPEC-147: XML Ping of the Death

An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.

CAPEC-227: Sustained Client Engagement

An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting requests that keep the resource engaged through what are seemingly benign requests, the adversary limits or completely denies legitimate users access to the resource.

CAPEC-492: Regular Expression Exponential Blowup

An adversary may execute an attack on a program that uses a poor Regular Expression (Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is because most implementations build a Nondeterministic Finite Automaton (NFA) state machine from the Regex, since an NFA allows backtracking and thus more complex regular expressions.
