Sign-up

ID

VAR-201304-0173


CVE

CVE-2013-1219


TITLE

Cisco Intrusion Prevention System of SensorApp Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-002504

DESCRIPTION

SensorApp in Cisco Intrusion Prevention System (IPS) allows local users to cause a denial of service (Regex hardware job failure and application hang) via a (1) initiate signature upgrade, (2) initiate global correlation, (3) show statistics anomaly-detection, or (4) clear database action, aka Bug ID CSCuc74630. Cisco Intrusion Prevention System is prone to a local denial-of-service vulnerability. A local attacker can exploit this issue to crash the system, resulting in denial-of-service conditions. This issue is being tracked by Cisco bug ID CSCuc74630. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors. The vulnerability is due to a job failure in the Regex hardware when processing the control transaction getENGVirtualSensorStatistics. When the malicious action is processed by the affected device, the SensorApp process may hang or become unresponsive to legitimate commands or control transactions, leading to a DoS condition. Cisco has confirmed the vulnerability in a security notice and has released software updates. This vulnerability is applicable only to platforms that implement Regex hardware. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available. To exploit this vulnerability, an attacker requires authenticated access to a targeted device and may require access to trusted, internal networks. These access requirements could limit the likelihood of a successful exploit

Trust: 2.07

sources: NVD: CVE-2013-1219 // JVNDB: JVNDB-2013-002504 // BID: 59545 // VULHUB: VHN-61221 // VULMON: CVE-2013-1219

AFFECTED PRODUCTS

vendor:ciscomodel:intrusion prevention systemscope: - version: -

Trust: 1.4

vendor:ciscomodel:intrusion prevention systemscope:eqversion:*

Trust: 1.0

sources: JVNDB: JVNDB-2013-002504 // CNNVD: CNNVD-201304-606 // NVD: CVE-2013-1219

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-1219
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-1219
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201304-606
value: MEDIUM

Trust: 0.6

VULHUB: VHN-61221
value: MEDIUM

Trust: 0.1

VULMON: CVE-2013-1219
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-1219
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:S/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 2.7
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-61221
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:S/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 2.7
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-61221 // VULMON: CVE-2013-1219 // JVNDB: JVNDB-2013-002504 // CNNVD: CNNVD-201304-606 // NVD: CVE-2013-1219

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-1219

THREAT TYPE

local

Trust: 0.9

sources: BID: 59545 // CNNVD: CNNVD-201304-606

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201304-606

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-002504

PATCH
title:Cisco IPS SensorApp Regex Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1219
Trust: 0.8
title:29105url:http://tools.cisco.com/security/center/viewAlert.x?alertId=29105
Trust: 0.8
title:Cisco: Cisco IPS SensorApp Regex Processing Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=Cisco-SA-20130429-CVE-2013-1219
Trust: 0.1
sources:
            
            
            VULMON: CVE-2013-1219 // 
            
            
            
            JVNDB: JVNDB-2013-002504

EXTERNAL IDS
db:NVDid:CVE-2013-1219
Trust: 2.9
db:JVNDBid:JVNDB-2013-002504
Trust: 0.8
db:CNNVDid:CNNVD-201304-606
Trust: 0.7
db:CISCOid:20130426 CISCO IPS SENSORAPP REGEX VULNERABILITY
Trust: 0.6
db:SECUNIAid:53277
Trust: 0.6
db:BIDid:59545
Trust: 0.4
db:VULHUBid:VHN-61221
Trust: 0.1
db:VULMONid:CVE-2013-1219
Trust: 0.1
sources:
            
            
            VULHUB: VHN-61221 // 
            
            
            
            VULMON: CVE-2013-1219 // 
            
            
            
            BID: 59545 // 
            
            
            
            JVNDB: JVNDB-2013-002504 // 
            
            
            
            CNNVD: CNNVD-201304-606 // 
            
            
            
            NVD: CVE-2013-1219

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1219
Trust: 2.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1219
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1219
Trust: 0.8
url:http://secunia.com/advisories/53277
Trust: 0.6
url:http://www.cisco.com/en/us/products/sw/secursw/ps2113/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130429-cve-2013-1219
Trust: 0.1
sources:
            
            
            VULHUB: VHN-61221 // 
            
            
            
            VULMON: CVE-2013-1219 // 
            
            
            
            BID: 59545 // 
            
            
            
            JVNDB: JVNDB-2013-002504 // 
            
            
            
            CNNVD: CNNVD-201304-606 // 
            
            
            
            NVD: CVE-2013-1219

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 59545

SOURCES
db:VULHUBid:VHN-61221
db:VULMONid:CVE-2013-1219
db:BIDid:59545
db:JVNDBid:JVNDB-2013-002504
db:CNNVDid:CNNVD-201304-606
db:NVDid:CVE-2013-1219

LAST UPDATE DATE
2024-11-23T23:12:49.686000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-61221date:2013-05-01T00:00:00
db:VULMONid:CVE-2013-1219date:2013-05-01T00:00:00
db:BIDid:59545date:2013-04-26T00:00:00
db:JVNDBid:JVNDB-2013-002504date:2013-04-30T00:00:00
db:CNNVDid:CNNVD-201304-606date:2013-05-02T00:00:00
db:NVDid:CVE-2013-1219date:2024-11-21T01:49:08.213

SOURCES RELEASE DATE
db:VULHUBid:VHN-61221date:2013-04-29T00:00:00
db:VULMONid:CVE-2013-1219date:2013-04-29T00:00:00
db:BIDid:59545date:2013-04-26T00:00:00
db:JVNDBid:JVNDB-2013-002504date:2013-04-30T00:00:00
db:CNNVDid:CNNVD-201304-606date:2013-04-29T00:00:00
db:NVDid:CVE-2013-1219date:2013-04-29T12:20:36.250