Details of VAR-201904-0245

ID

VAR-201904-0245

CVE

CVE-2019-1710

TITLE

Cisco IOS XR Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003480

DESCRIPTION

A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM. The vulnerability is due to incorrect isolation of the secondary management interface from internal sysadmin applications. An attacker could exploit this vulnerability by connecting to one of the listening internal applications. A successful exploit could result in unstable conditions, including both a denial of service and remote unauthenticated access to the device. This vulnerability has been fixed in Cisco IOS XR 64-bit Software Release 6.5.3 and 7.0.1, which will edit the calvados_boostrap.cfg file and reload the device. Cisco IOS XR The software contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to gain unauthorized access, perform unintended actions and cause denial-of-service conditions. This may lead to further attacks. This issue is being tracked by Cisco Bug ID CSCvn56004

Trust: 1.98

sources: NVD: CVE-2019-1710 // JVNDB: JVNDB-2019-003480 // BID: 108007 // VULMON: CVE-2019-1710

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	lt	version:	6.5.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	lt	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	gte	version:	7.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	lt	version:	64-bit 6.5.3	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	lt	version:	64-bit 7.0.1	Trust: 0.8
vendor:	cisco	model:	ios xr software	scope:	eq	version:	6.3.2	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	6.1.2	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	eq	version:	6.5.2	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	eq	version:	6.4.2	Trust: 0.3
vendor:	cisco	model:	asr	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	ne	version:	7.0.1	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	ne	version:	6.5.3	Trust: 0.3

sources: BID: 108007 // JVNDB: JVNDB-2019-003480 // NVD: CVE-2019-1710

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1710
value:	CRITICAL
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1710
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2019-1710
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201904-849
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2019-1710
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1710
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2019-1710
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 2.8

sources: VULMON: CVE-2019-1710 // JVNDB: JVNDB-2019-003480 // CNNVD: CNNVD-201904-849 // NVD: CVE-2019-1710 // NVD: CVE-2019-1710

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2019-003480 // NVD: CVE-2019-1710

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201904-849

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201904-849

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003480

PATCH

title:	cisco-sa-20190417-asr9k-exr	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-asr9k-exr	Trust: 0.8
title:	Cisco ASR 9000 Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91683	Trust: 0.6
title:	Cisco: Cisco IOS XR 64-Bit Software for Cisco ASR 9000 Series Aggregation Services Routers Network Isolation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20190417-asr9k-exr	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-patch-asr-9000-routers/143895/	Trust: 0.1

sources: VULMON: CVE-2019-1710 // JVNDB: JVNDB-2019-003480 // CNNVD: CNNVD-201904-849

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1710	Trust: 2.8
db:	BID	id:	108007	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-003480	Trust: 0.8
db:	AUSCERT	id:	ESB-2019.1331.3	Trust: 0.6
db:	CNNVD	id:	CNNVD-201904-849	Trust: 0.6
db:	VULMON	id:	CVE-2019-1710	Trust: 0.1

sources: VULMON: CVE-2019-1710 // BID: 108007 // JVNDB: JVNDB-2019-003480 // CNNVD: CNNVD-201904-849 // NVD: CVE-2019-1710

REFERENCES

url:	http://www.securityfocus.com/bid/108007	Trust: 2.4
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190417-asr9k-exr	Trust: 2.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1710	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1710	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-ios-xr-asr-9000-privilege-escalation-via-management-interface-isolation-29081	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/79286	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/cisco-patch-asr-9000-routers/143895/	Trust: 0.1

sources: VULMON: CVE-2019-1710 // BID: 108007 // JVNDB: JVNDB-2019-003480 // CNNVD: CNNVD-201904-849 // NVD: CVE-2019-1710

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 108007

SOURCES

db:	VULMON	id:	CVE-2019-1710
db:	BID	id:	108007
db:	JVNDB	id:	JVNDB-2019-003480
db:	CNNVD	id:	CNNVD-201904-849
db:	NVD	id:	CVE-2019-1710

LAST UPDATE DATE

2024-08-14T14:56:56.536000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2019-1710	date:	2019-10-09T00:00:00
db:	BID	id:	108007	date:	2019-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2019-003480	date:	2019-05-17T00:00:00
db:	CNNVD	id:	CNNVD-201904-849	date:	2019-05-14T00:00:00
db:	NVD	id:	CVE-2019-1710	date:	2019-10-09T23:47:47.393

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2019-1710	date:	2019-04-17T00:00:00
db:	BID	id:	108007	date:	2019-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2019-003480	date:	2019-05-17T00:00:00
db:	CNNVD	id:	CNNVD-201904-849	date:	2019-04-17T00:00:00
db:	NVD	id:	CVE-2019-1710	date:	2019-04-17T22:29:00.390