Vulnerability-Lookup

BDU:2019-03287

Vulnerability from fstec - Published: 28.08.2019

Title

Уязвимость реализации протокола SNMP сетевых операционных систем NX-OS и FX-OS, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость реализации протокола SNMP сетевых операционных систем NX-OS и FX-OS существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании при помощи специально сформированного SNMP-пакета

Severity ?


                    
                      AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Vendor

Cisco Systems Inc.

Software Name

NX-OS, FX-OS

Software Version

от 8.1 до 8.2(3) (NX-OS), от 8.2 до 8.2(3) (NX-OS), от 7.0(3)I4 до 7.0(3)I4(9) (NX-OS), от 7.0(3)I7 до 7.0(3)I7(6) (NX-OS), от 8.3 до 8.3(2) (NX-OS), до 6.2(22) (NX-OS), от 8.0 до 8.2(3) (NX-OS), до 5.2 включительно (NX-OS), от 7.3 до 8.3(2) (NX-OS), до 2.2.2.91 (FX-OS), от 2.3 до 2.3.1.130 (FX-OS), от 2.4 до 2.4.1.222 (FX-OS), от 8.1 до 8.3(2) (NX-OS), от 8.2 до 8.3(2) (NX-OS), от 9.2 до 9.2(3) (NX-OS), от 7.0(3)F до 9.2(3) (NX-OS), от 7.2 до 7.3(4)D1(1) (NX-OS), от 7.3 до 7.3(4)D1(1) (NX-OS), до 7.1(5)N1(1b) (NX-OS), от 7.3 до 7.3(5)N1(1) (NX-OS), от 5.2 до 6.2(29) (NX-OS), от 6.2 до 6.2(29) (NX-OS), от 5.2 до 5.2(1)SV5(1.2) (Nexus 1000 Virtual Edge for VMware vSphere) (NX-OS), до 5.2(1)SV3(4.1a) (NX-OS), от 7.1 до 7.1(5)N1(1b) (NX-OS), до 13.2(7k) (NX-OS), от 13.1 до 13.2(7k) (NX-OS), от 13.2 до 13.2(7k) (NX-OS), от 14.0 до 14.0(2c) (NX-OS), от 14.1 до 14.1(1i) (NX-OS), до 3.2 включительно (NX-OS), 4.0 (NX-OS)

Possible Mitigations

Использование рекомендаций: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos https://nvd.nist.gov/vuln/detail/CVE-2019-1963

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 8.1 \u0434\u043e 8.2(3) (NX-OS), \u043e\u0442 8.2 \u0434\u043e 8.2(3) (NX-OS), \u043e\u0442 7.0(3)I4 \u0434\u043e 7.0(3)I4(9) (NX-OS), \u043e\u0442 7.0(3)I7 \u0434\u043e 7.0(3)I7(6) (NX-OS), \u043e\u0442 8.3 \u0434\u043e 8.3(2) (NX-OS), \u0434\u043e 6.2(22) (NX-OS), \u043e\u0442 8.0 \u0434\u043e 8.2(3) (NX-OS), \u0434\u043e 5.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (NX-OS), \u043e\u0442 7.3 \u0434\u043e 8.3(2) (NX-OS), \u0434\u043e 2.2.2.91 (FX-OS), \u043e\u0442 2.3 \u0434\u043e 2.3.1.130 (FX-OS), \u043e\u0442 2.4 \u0434\u043e 2.4.1.222 (FX-OS), \u043e\u0442 8.1 \u0434\u043e 8.3(2) (NX-OS), \u043e\u0442 8.2 \u0434\u043e 8.3(2) (NX-OS), \u043e\u0442 9.2 \u0434\u043e 9.2(3) (NX-OS), \u043e\u0442 7.0(3)F \u0434\u043e 9.2(3) (NX-OS), \u043e\u0442 7.2 \u0434\u043e 7.3(4)D1(1) (NX-OS), \u043e\u0442 7.3 \u0434\u043e 7.3(4)D1(1) (NX-OS), \u0434\u043e 7.1(5)N1(1b) (NX-OS), \u043e\u0442 7.3 \u0434\u043e 7.3(5)N1(1) (NX-OS), \u043e\u0442 5.2 \u0434\u043e 6.2(29) (NX-OS), \u043e\u0442 6.2 \u0434\u043e 6.2(29) (NX-OS), \u043e\u0442 5.2 \u0434\u043e 5.2(1)SV5(1.2) (Nexus 1000 Virtual Edge for VMware vSphere) (NX-OS), \u0434\u043e 5.2(1)SV3(4.1a) (NX-OS), \u043e\u0442 7.1 \u0434\u043e 7.1(5)N1(1b) (NX-OS), \u0434\u043e 13.2(7k) (NX-OS), \u043e\u0442 13.1 \u0434\u043e 13.2(7k) (NX-OS), \u043e\u0442 13.2 \u0434\u043e 13.2(7k) (NX-OS), \u043e\u0442 14.0 \u0434\u043e 14.0(2c) (NX-OS), \u043e\u0442 14.1 \u0434\u043e 14.1(1i) (NX-OS), \u0434\u043e 3.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (NX-OS), 4.0 (NX-OS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "28.08.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "27.09.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-03287",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-1963",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "NX-OS, FX-OS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. NX-OS \u043e\u0442 8.1 \u0434\u043e 8.2(3) Nexus 7000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 8.1 \u0434\u043e 8.2(3) Nexus 7700 Series, Cisco Systems Inc. NX-OS \u043e\u0442 8.2 \u0434\u043e 8.2(3) Nexus 7000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 8.2 \u0434\u043e 8.2(3) Nexus 7700 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I4 \u0434\u043e 7.0(3)I4(9) Nexus 3000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I7 \u0434\u043e 7.0(3)I7(6) Nexus 3000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I4 \u0434\u043e 7.0(3)I4(9) Nexus 3500 Platform, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I7 \u0434\u043e 7.0(3)I7(6) Nexus 3500 Platform, Cisco Systems Inc. NX-OS \u043e\u0442 8.3 \u0434\u043e 8.3(2) Nexus 7000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 8.3 \u0434\u043e 8.3(2) Nexus 7700 Series, Cisco Systems Inc. NX-OS \u0434\u043e 6.2(22) Nexus 7000 Series, Cisco Systems Inc. NX-OS \u0434\u043e 6.2(22) Nexus 7700 Series, Cisco Systems Inc. NX-OS \u043e\u0442 8.0 \u0434\u043e 8.2(3) Nexus 7000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 8.0 \u0434\u043e 8.2(3) Nexus 7700 Series, Cisco Systems Inc. NX-OS \u0434\u043e 5.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e Nexus 1000V for Microsoft Hyper-V, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 8.3(2) MDS 9000 Series, Cisco Systems Inc. FX-OS \u0434\u043e 2.2.2.91 Firepower 4100 Series, Cisco Systems Inc. FX-OS \u0434\u043e 2.2.2.91 Firepower 9300 Security Appliances, Cisco Systems Inc. FX-OS \u043e\u0442 2.3 \u0434\u043e 2.3.1.130 Firepower 4100 Series, Cisco Systems Inc. FX-OS \u043e\u0442 2.3 \u0434\u043e 2.3.1.130 Firepower 9300 Security Appliances, Cisco Systems Inc. FX-OS \u043e\u0442 2.4 \u0434\u043e 2.4.1.222 Firepower 4100 Series, Cisco Systems Inc. FX-OS \u043e\u0442 2.4 \u0434\u043e 2.4.1.222 Firepower 9300 Security Appliances, Cisco Systems Inc. NX-OS \u043e\u0442 8.1 \u0434\u043e 8.3(2) MDS 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 8.2 \u0434\u043e 8.3(2) MDS 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 8.3 \u0434\u043e 8.3(2) MDS 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 9.2 \u0434\u043e 9.2(3) Nexus 3000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 9.2 \u0434\u043e 9.2(3) Nexus 3500 Platform, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)F \u0434\u043e 9.2(3) Nexus 3600 Platform, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)F \u0434\u043e 9.2(3) Nexus 9500 R-Series, Cisco Systems Inc. NX-OS \u043e\u0442 9.2 \u0434\u043e 9.2(3) Nexus 3600 Platform, Cisco Systems Inc. NX-OS \u043e\u0442 9.2 \u0434\u043e 9.2(3) Nexus 9500 R-Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(4)D1(1) Nexus 7000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(4)D1(1) Nexus 7700 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(4)D1(1) Nexus 7000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(4)D1(1) Nexus 7700 Series, Cisco Systems Inc. NX-OS \u0434\u043e 7.1(5)N1(1b) Nexus 5500 Series, Cisco Systems Inc. NX-OS \u0434\u043e 7.1(5)N1(1b) Nexus 6000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(5)N1(1) Nexus 5500 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(5)N1(1) Nexus 6000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 5.2 \u0434\u043e 6.2(29) MDS 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 6.2 \u0434\u043e 6.2(29) MDS 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 5.2 \u0434\u043e 5.2(1)SV5(1.2) (Nexus 1000 Virtual Edge for VMware vSphere) , Cisco Systems Inc. NX-OS \u0434\u043e 5.2(1)SV3(4.1a) Nexus 1000V for VMware vSphere, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I4 \u0434\u043e 7.0(3)I4(9) Nexus 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I7 \u0434\u043e 7.0(3)I7(6) Nexus 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 9.2 \u0434\u043e 9.2(3) Nexus 9000 Series, Cisco Systems Inc. NX-OS \u0434\u043e 7.1(5)N1(1b) Nexus 5600 Platform, Cisco Systems Inc. NX-OS \u043e\u0442 7.1 \u0434\u043e 7.1(5)N1(1b) Nexus 5500 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.1 \u0434\u043e 7.1(5)N1(1b) Nexus 5600 Platform, Cisco Systems Inc. NX-OS \u043e\u0442 7.1 \u0434\u043e 7.1(5)N1(1b) Nexus 6000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(5)N1(1) Nexus 5600 Platform, Cisco Systems Inc. NX-OS \u0434\u043e 13.2(7k) Nexus 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 13.1 \u0434\u043e 13.2(7k) Nexus 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 13.2 \u0434\u043e 13.2(7k) Nexus 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 14.0 \u0434\u043e 14.0(2c) Nexus 9000 Series, Cisco Systems Inc. NX-OS \u043e\u0442 14.1 \u0434\u043e 14.1(1i) Nexus 9000 Series, Cisco Systems Inc. NX-OS \u0434\u043e 3.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e UCS 6200 Series, Cisco Systems Inc. NX-OS \u0434\u043e 3.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e UCS 6300 Series, Cisco Systems Inc. NX-OS \u0434\u043e 3.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e UCS 6400 Series, Cisco Systems Inc. NX-OS 4.0 UCS 6200 Series, Cisco Systems Inc. NX-OS 4.0 UCS 6300 Series, Cisco Systems Inc. NX-OS 4.0 UCS 6400 Series",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 SNMP \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c NX-OS \u0438 FX-OS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 SNMP \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c NX-OS \u0438 FX-OS \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e SNMP-\u043f\u0430\u043a\u0435\u0442\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-1963",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,4)"
}

CVE-2019-1963 (GCVE-0-2019-1963)

Vulnerability from cvelistv5 – Published: 2019-08-28 18:50 – Updated: 2024-11-21 19:15

Title

Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

Summary

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Severity ?

7.7 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Assigner

cisco

References

URL

Tags

https://tools.cisco.com/security/center/content/C…

vendor-advisoryx_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Unified Computing System (Managed)	Affected: unspecified , < 8.4(1) (custom)

Date Public ?

2019-08-28 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:35:51.823Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1963",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:57:11.615078Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:15:22.318Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Unified Computing System (Managed)",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "8.4(1)",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-08-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-28T18:50:15.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190828-fxnxos-snmp-dos",
        "defect": [
          [
            "CSCvn13270",
            "CSCvn23529",
            "CSCvn23531",
            "CSCvn23532",
            "CSCvn23534",
            "CSCvn23535",
            "CSCvn23536",
            "CSCvn23537",
            "CSCvn23538"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-08-28T16:00:00-0700",
          "ID": "CVE-2019-1963",
          "STATE": "PUBLIC",
          "TITLE": "Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Unified Computing System (Managed)",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "8.4(1)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.7",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190828-fxnxos-snmp-dos",
          "defect": [
            [
              "CSCvn13270",
              "CSCvn23529",
              "CSCvn23531",
              "CSCvn23532",
              "CSCvn23534",
              "CSCvn23535",
              "CSCvn23536",
              "CSCvn23537",
              "CSCvn23538"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1963",
    "datePublished": "2019-08-28T18:50:15.502Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-21T19:15:22.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2019-03287

CVE-2019-1963 (GCVE-0-2019-1963)

Tags

Sightings

Nomenclature