ID

VAR-201905-0237


CVE

CVE-2019-1705


TITLE

Cisco Adaptive Security Appliance Software improper resource shutdown and release vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004457

DESCRIPTION

A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. The vulnerability is due to an issue with the remote access VPN session manager. An attacker could exploit this vulnerability by requesting an excessive number of remote access VPN sessions. An exploit could allow the attacker to cause a DoS condition. This issue is being tracked by Cisco Bug ID CSCvk13637.

Cisco 3000 Series Industrial Security Appliances and the other products named here are all Cisco products. Cisco 3000 Series Industrial Security Appliances is a 3000 series firewall appliance. Firepower 2100 Series is a 2100 series firewall appliance. ASA Software is a firewall and network security platform. The platform provides features such as highly secure access to data and network resources.

The following products are affected: Cisco 3000 Series Industrial Security Appliances; ASA 5500-X Series Firewalls; ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers; Firepower 2100 Series;

Trust: 1.98

sources: NVD: CVE-2019-1705 // JVNDB: JVNDB-2019-004457 // BID: 108151 // VULHUB: VHN-149257

AFFECTED PRODUCTS

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.5

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.4

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.9.2.50

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.10.1.17

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.8.4

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.6.4.25

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: lt // version: 9.4.4.34

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.10

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.7

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: gte // version: 9.9

Trust: 1.0

vendor: cisco // model: adaptive security appliance software // scope: - // version: -

Trust: 0.8

vendor: cisco // model: firepower security appliance // scope: eq // version: 93000

Trust: 0.3

vendor: cisco // model: firepower series // scope: eq // version: 41000

Trust: 0.3

vendor: cisco // model: firepower series // scope: eq // version: 21000

Trust: 0.3

vendor: cisco // model: asa services module for cisco catalyst series switches // scope: eq // version: 65000

Trust: 0.3

vendor: cisco // model: asa services module for cisco series routers // scope: eq // version: 76000

Trust: 0.3

vendor: cisco // model: asa series firewalls // scope: eq // version: 5500-x0

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: eq // version: 9.9

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: eq // version: 9.8

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: eq // version: 9.7

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: eq // version: 9.6

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: eq // version: 9.5

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: eq // version: 9.4

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: eq // version: 9.12

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: eq // version: 9.10

Trust: 0.3

vendor: cisco // model: series industrial security appliance // scope: eq // version: 30000

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: ne // version: 9.8.4

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: ne // version: 9.9.2.50

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: ne // version: 9.6.4.25

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: ne // version: 9.4.4.34

Trust: 0.3

vendor: cisco // model: adaptive security appliance software // scope: ne // version: 9.10.1.17

Trust: 0.3

sources: BID: 108151 // JVNDB: JVNDB-2019-004457 // NVD: CVE-2019-1705

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1705
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1705
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1705
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-016
value: MEDIUM

Trust: 0.6

VULHUB: VHN-149257
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1705
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149257
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1705
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2019-1705
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-149257 // JVNDB: JVNDB-2019-004457 // CNNVD: CNNVD-201905-016 // NVD: CVE-2019-1705 // NVD: CVE-2019-1705

PROBLEMTYPE DATA

problemtype:CWE-404

Trust: 1.9

sources: VULHUB: VHN-149257 // JVNDB: JVNDB-2019-004457 // NVD: CVE-2019-1705

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-016

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201905-016

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004457

PATCH

title: cisco-sa-20190501-asa-vpn-dos // url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-vpn-dos

Trust: 0.8

title: Cisco Adaptive Security Appliances Software Security vulnerabilities // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92167

Trust: 0.6

sources: JVNDB: JVNDB-2019-004457 // CNNVD: CNNVD-201905-016

EXTERNAL IDS

db: NVD // id: CVE-2019-1705

Trust: 2.8

db: BID // id: 108151

Trust: 2.0

db: JVNDB // id: JVNDB-2019-004457

Trust: 0.8

db: CNNVD // id: CNNVD-201905-016

Trust: 0.7

db: AUSCERT // id: ESB-2020.0200

Trust: 0.6

db: AUSCERT // id: ESB-2019.1519

Trust: 0.6

db: AUSCERT // id: ESB-2020.0766

Trust: 0.6

db: VULHUB // id: VHN-149257

Trust: 0.1

sources: VULHUB: VHN-149257 // BID: 108151 // JVNDB: JVNDB-2019-004457 // CNNVD: CNNVD-201905-016 // NVD: CVE-2019-1705

REFERENCES

url:http://www.securityfocus.com/bid/108151

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-vpn-dos

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-1705

Trust: 1.4

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1705

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-csrf

Trust: 0.6

url:https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0200/

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-denial-of-service-via-vpn-session-manager-29201

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0766/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/80114

Trust: 0.6

sources: VULHUB: VHN-149257 // BID: 108151 // JVNDB: JVNDB-2019-004457 // CNNVD: CNNVD-201905-016 // NVD: CVE-2019-1705

CREDITS

Cisco.

Trust: 0.9

sources: BID: 108151 // CNNVD: CNNVD-201905-016

SOURCES

db: VULHUB // id: VHN-149257
db: BID // id: 108151
db: JVNDB // id: JVNDB-2019-004457
db: CNNVD // id: CNNVD-201905-016
db: NVD // id: CVE-2019-1705

LAST UPDATE DATE

2024-08-14T12:39:38.675000+00:00


SOURCES UPDATE DATE

db: VULHUB // id: VHN-149257 // date: 2019-10-09T00:00:00
db: BID // id: 108151 // date: 2019-05-01T00:00:00
db: JVNDB // id: JVNDB-2019-004457 // date: 2019-06-03T00:00:00
db: CNNVD // id: CNNVD-201905-016 // date: 2020-03-04T00:00:00
db: NVD // id: CVE-2019-1705 // date: 2023-08-15T15:24:56.340

SOURCES RELEASE DATE

db: VULHUB // id: VHN-149257 // date: 2019-05-03T00:00:00
db: BID // id: 108151 // date: 2019-05-01T00:00:00
db: JVNDB // id: JVNDB-2019-004457 // date: 2019-06-03T00:00:00
db: CNNVD // id: CNNVD-201905-016 // date: 2019-05-01T00:00:00
db: NVD // id: CVE-2019-1705 // date: 2019-05-03T16:29:00.553