Sign-up

ID

VAR-201902-0462


CVE

CVE-2019-1700


TITLE

Cisco Firepower 9000 Resource management vulnerability in the series

Trust: 0.8

sources: JVNDB: JVNDB-2019-001946

DESCRIPTION

A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. Manual intervention may be required before a device will resume normal operations. The vulnerability is due to a logic error in the FPGA related to the processing of different types of input packets. An attacker could exploit this vulnerability by being on the adjacent subnet and sending a crafted sequence of input packets to a specific interface on an affected device. A successful exploit could allow the attacker to cause a queue wedge condition on the interface. When a wedge occurs, the affected device will stop processing any additional packets that are received on the wedged interface. Version 2.2 is affected. Cisco Firepower 9000 The series contains vulnerabilities related to resource management.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco Firepower 9000 Series is prone to a denial-of-service vulnerability. This issue is tracked by Cisco Bug ID CSCux10531. Cisco Firepower 9000 Series 2.2(200.8) is vulnerable; other versions may also be vulnerable

Trust: 1.98

sources: NVD: CVE-2019-1700 // JVNDB: JVNDB-2019-001946 // BID: 107105 // VULHUB: VHN-149202

AFFECTED PRODUCTS

vendor:ciscomodel:firepower 9000scope:eqversion:2.2\(200.8\)

Trust: 1.0

vendor:ciscomodel:firepower 9000scope:eqversion:2.2

Trust: 0.8

vendor:ciscomodel:firepower seriesscope:eqversion:90002.2(200.8)

Trust: 0.3

sources: BID: 107105 // JVNDB: JVNDB-2019-001946 // NVD: CVE-2019-1700

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1700
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1700
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1700
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201902-791
value: MEDIUM

Trust: 0.6

VULHUB: VHN-149202
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1700
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149202
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1700
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 4.0
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-149202 // JVNDB: JVNDB-2019-001946 // CNNVD: CNNVD-201902-791 // NVD: CVE-2019-1700 // NVD: CVE-2019-1700

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-149202 // JVNDB: JVNDB-2019-001946 // NVD: CVE-2019-1700

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201902-791

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201902-791

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-001946

PATCH
title:cisco-sa-20190220-firpwr-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-firpwr-dos
Trust: 0.8
title:Cisco Firepower 9000 Series Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89586
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-001946 // 
            
            
            
            CNNVD: CNNVD-201902-791

EXTERNAL IDS
db:NVDid:CVE-2019-1700
Trust: 2.8
db:BIDid:107105
Trust: 2.0
db:JVNDBid:JVNDB-2019-001946
Trust: 0.8
db:CNNVDid:CNNVD-201902-791
Trust: 0.7
db:NSFOCUSid:42801
Trust: 0.6
db:AUSCERTid:ESB-2019.0530
Trust: 0.6
db:VULHUBid:VHN-149202
Trust: 0.1
sources:
            
            
            VULHUB: VHN-149202 // 
            
            
            
            BID: 107105 // 
            
            
            
            JVNDB: JVNDB-2019-001946 // 
            
            
            
            CNNVD: CNNVD-201902-791 // 
            
            
            
            NVD: CVE-2019-1700

REFERENCES
url:http://www.securityfocus.com/bid/107105
Trust: 2.3
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190220-firpwr-dos
Trust: 2.0
url:https://nvd.nist.gov/vuln/detail/cve-2019-1700
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1700
Trust: 0.8
url:https://www.auscert.org.au/bulletins/75866
Trust: 0.6
url:http://www.nsfocus.net/vulndb/42801
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-149202 // 
            
            
            
            BID: 107105 // 
            
            
            
            JVNDB: JVNDB-2019-001946 // 
            
            
            
            CNNVD: CNNVD-201902-791 // 
            
            
            
            NVD: CVE-2019-1700

CREDITS
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.,Cisco,Cisco ?? ??
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201902-791

SOURCES
db:VULHUBid:VHN-149202
db:BIDid:107105
db:JVNDBid:JVNDB-2019-001946
db:CNNVDid:CNNVD-201902-791
db:NVDid:CVE-2019-1700

LAST UPDATE DATE
2024-08-14T14:32:47.074000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-149202date:2019-10-09T00:00:00
db:BIDid:107105date:2019-02-20T00:00:00
db:JVNDBid:JVNDB-2019-001946date:2019-03-29T00:00:00
db:CNNVDid:CNNVD-201902-791date:2019-10-17T00:00:00
db:NVDid:CVE-2019-1700date:2019-10-09T23:47:45.720

SOURCES RELEASE DATE
db:VULHUBid:VHN-149202date:2019-02-21T00:00:00
db:BIDid:107105date:2019-02-20T00:00:00
db:JVNDBid:JVNDB-2019-001946date:2019-03-29T00:00:00
db:CNNVDid:CNNVD-201902-791date:2019-02-21T00:00:00
db:NVDid:CVE-2019-1700date:2019-02-21T21:29:00.313