Details of VAR-201903-0560

ID

VAR-201903-0560

CVE

CVE-2019-1749

TITLE

Cisco IOS XE Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003039

DESCRIPTION

A vulnerability in the ingress traffic validation of Cisco IOS XE Software for Cisco Aggregation Services Router (ASR) 900 Route Switch Processor 3 (RSP3) could allow an unauthenticated, adjacent attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the software insufficiently validates ingress traffic on the ASIC used on the RSP3 platform. An attacker could exploit this vulnerability by sending a malformed OSPF version 2 (OSPFv2) message to an affected device. A successful exploit could allow the attacker to cause a reload of the iosd process, triggering a reload of the affected device and resulting in a DoS condition. Cisco IOS XE The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco IOS XE Software is prone to a denial-of-service vulnerability. Cisco ASR 900 is a 900 series Aggregation Services Router produced by Cisco

Trust: 1.98

sources: NVD: CVE-2019-1749 // JVNDB: JVNDB-2019-003039 // BID: 107615 // VULHUB: VHN-149741

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1isp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.6as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.4sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1hsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4gs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4ds	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1bsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1gsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4es	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr route switch processor	scope:	eq	version:	90030	Trust: 0.3

sources: BID: 107615 // JVNDB: JVNDB-2019-003039 // NVD: CVE-2019-1749

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1749
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1749
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1749
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201903-1120
value:	HIGH
Trust: 0.6
VULHUB:	VHN-149741
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1749
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-149741
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-1749
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-1749
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-149741 // JVNDB: JVNDB-2019-003039 // CNNVD: CNNVD-201903-1120 // NVD: CVE-2019-1749 // NVD: CVE-2019-1749

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-149741 // JVNDB: JVNDB-2019-003039 // NVD: CVE-2019-1749

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201903-1120

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 107615 // CNNVD: CNNVD-201903-1120

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003039

PATCH

title:	cisco-sa-20190327-rsp3-ospf	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-rsp3-ospf	Trust: 0.8
title:	Cisco ASR 900 Cisco IOS XE Enter the fix for the verification vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90534	Trust: 0.6

sources: JVNDB: JVNDB-2019-003039 // CNNVD: CNNVD-201903-1120

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1749	Trust: 2.8
db:	BID	id:	107615	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-003039	Trust: 0.8
db:	CNNVD	id:	CNNVD-201903-1120	Trust: 0.7
db:	NSFOCUS	id:	43063	Trust: 0.6
db:	VULHUB	id:	VHN-149741	Trust: 0.1

sources: VULHUB: VHN-149741 // BID: 107615 // JVNDB: JVNDB-2019-003039 // CNNVD: CNNVD-201903-1120 // NVD: CVE-2019-1749

REFERENCES

url:	http://www.securityfocus.com/bid/107615	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190327-rsp3-ospf	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1749	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1749	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/43063	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-28888	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-149741 // BID: 107615 // JVNDB: JVNDB-2019-003039 // CNNVD: CNNVD-201903-1120 // NVD: CVE-2019-1749

CREDITS

Cisco ?? ??

Trust: 0.6

sources: CNNVD: CNNVD-201903-1120

SOURCES

db:	VULHUB	id:	VHN-149741
db:	BID	id:	107615
db:	JVNDB	id:	JVNDB-2019-003039
db:	CNNVD	id:	CNNVD-201903-1120
db:	NVD	id:	CVE-2019-1749

LAST UPDATE DATE

2024-08-14T14:19:37.923000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149741	date:	2019-10-09T00:00:00
db:	BID	id:	107615	date:	2019-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2019-003039	date:	2019-05-07T00:00:00
db:	CNNVD	id:	CNNVD-201903-1120	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2019-1749	date:	2024-02-07T18:27:39.460

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149741	date:	2019-03-28T00:00:00
db:	BID	id:	107615	date:	2019-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2019-003039	date:	2019-05-07T00:00:00
db:	CNNVD	id:	CNNVD-201903-1120	date:	2019-03-27T00:00:00
db:	NVD	id:	CVE-2019-1749	date:	2019-03-28T00:29:00.717