ID

VAR-201902-0462


CVE

CVE-2019-1700


TITLE

Cisco Firepower 9000 Resource management vulnerability in the series

Trust: 0.8

sources: JVNDB: JVNDB-2019-001946

DESCRIPTION

A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. Manual intervention may be required before a device will resume normal operations. The vulnerability is due to a logic error in the FPGA related to the processing of different types of input packets. An attacker could exploit this vulnerability by being on the adjacent subnet and sending a crafted sequence of input packets to a specific interface on an affected device. A successful exploit could allow the attacker to cause a queue wedge condition on the interface. When a wedge occurs, the affected device will stop processing any additional packets that are received on the wedged interface. Version 2.2 is affected. Cisco Firepower 9000 The series contains vulnerabilities related to resource management.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco Firepower 9000 Series is prone to a denial-of-service vulnerability. This issue is tracked by Cisco Bug ID CSCux10531. Cisco Firepower 9000 Series 2.2(200.8) is vulnerable; other versions may also be vulnerable

Trust: 1.98

sources: NVD: CVE-2019-1700 // JVNDB: JVNDB-2019-001946 // BID: 107105 // VULHUB: VHN-149202

AFFECTED PRODUCTS

vendor:ciscomodel:firepower 9000scope:eqversion:2.2\(200.8\)

Trust: 1.0

vendor:ciscomodel:firepower 9000scope:eqversion:2.2

Trust: 0.8

vendor:ciscomodel:firepower seriesscope:eqversion:90002.2(200.8)

Trust: 0.3

sources: BID: 107105 // JVNDB: JVNDB-2019-001946 // NVD: CVE-2019-1700

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1700
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1700
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1700
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201902-791
value: MEDIUM

Trust: 0.6

VULHUB: VHN-149202
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1700
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149202
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1700
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 4.0
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-149202 // JVNDB: JVNDB-2019-001946 // CNNVD: CNNVD-201902-791 // NVD: CVE-2019-1700 // NVD: CVE-2019-1700

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-149202 // JVNDB: JVNDB-2019-001946 // NVD: CVE-2019-1700

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201902-791

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201902-791

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-001946

PATCH

title:cisco-sa-20190220-firpwr-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-firpwr-dos

Trust: 0.8

title:Cisco Firepower 9000 Series Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89586

Trust: 0.6

sources: JVNDB: JVNDB-2019-001946 // CNNVD: CNNVD-201902-791

EXTERNAL IDS

db:NVDid:CVE-2019-1700

Trust: 2.8

db:BIDid:107105

Trust: 2.0

db:JVNDBid:JVNDB-2019-001946

Trust: 0.8

db:CNNVDid:CNNVD-201902-791

Trust: 0.7

db:NSFOCUSid:42801

Trust: 0.6

db:AUSCERTid:ESB-2019.0530

Trust: 0.6

db:VULHUBid:VHN-149202

Trust: 0.1

sources: VULHUB: VHN-149202 // BID: 107105 // JVNDB: JVNDB-2019-001946 // CNNVD: CNNVD-201902-791 // NVD: CVE-2019-1700

REFERENCES

url:http://www.securityfocus.com/bid/107105

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190220-firpwr-dos

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-1700

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1700

Trust: 0.8

url:https://www.auscert.org.au/bulletins/75866

Trust: 0.6

url:http://www.nsfocus.net/vulndb/42801

Trust: 0.6

url:http://www.cisco.com/

Trust: 0.3

sources: VULHUB: VHN-149202 // BID: 107105 // JVNDB: JVNDB-2019-001946 // CNNVD: CNNVD-201902-791 // NVD: CVE-2019-1700

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.,Cisco,Cisco ?? ??

Trust: 0.6

sources: CNNVD: CNNVD-201902-791

SOURCES

db:VULHUBid:VHN-149202
db:BIDid:107105
db:JVNDBid:JVNDB-2019-001946
db:CNNVDid:CNNVD-201902-791
db:NVDid:CVE-2019-1700

LAST UPDATE DATE

2024-08-14T14:32:47.074000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-149202date:2019-10-09T00:00:00
db:BIDid:107105date:2019-02-20T00:00:00
db:JVNDBid:JVNDB-2019-001946date:2019-03-29T00:00:00
db:CNNVDid:CNNVD-201902-791date:2019-10-17T00:00:00
db:NVDid:CVE-2019-1700date:2019-10-09T23:47:45.720

SOURCES RELEASE DATE

db:VULHUBid:VHN-149202date:2019-02-21T00:00:00
db:BIDid:107105date:2019-02-20T00:00:00
db:JVNDBid:JVNDB-2019-001946date:2019-03-29T00:00:00
db:CNNVDid:CNNVD-201902-791date:2019-02-21T00:00:00
db:NVDid:CVE-2019-1700date:2019-02-21T21:29:00.313