ID

VAR-201905-0246


CVE

CVE-2019-1703


TITLE

Cisco Firepower Threat Defense Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004379

DESCRIPTION

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually. Exploiting this issue allows remote attackers to cause a denial-of-service condition due to input buffers consumption. This issue is being tracked by Cisco Bug ID CSCvj62504. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products

Trust: 1.98

sources: NVD: CVE-2019-1703 // JVNDB: JVNDB-2019-004379 // BID: 108170 // VULHUB: VHN-149235

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.3.12

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.1

Trust: 1.0

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:firepower seriesscope:eqversion:21000

Trust: 0.3

sources: BID: 108170 // JVNDB: JVNDB-2019-004379 // NVD: CVE-2019-1703

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1703
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1703
value: HIGH

Trust: 1.0

NVD: CVE-2019-1703
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-034
value: HIGH

Trust: 0.6

VULHUB: VHN-149235
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1703
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149235
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1703
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1703
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-149235 // JVNDB: JVNDB-2019-004379 // CNNVD: CNNVD-201905-034 // NVD: CVE-2019-1703 // NVD: CVE-2019-1703

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

problemtype:CWE-770

Trust: 1.1

sources: VULHUB: VHN-149235 // JVNDB: JVNDB-2019-004379 // NVD: CVE-2019-1703

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-034

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201905-034

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004379

PATCH

title:cisco-sa-20190501-frpwr-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos

Trust: 0.8

title:Cisco Firepower 2100 Series Firepower Threat Defense Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92184

Trust: 0.6

sources: JVNDB: JVNDB-2019-004379 // CNNVD: CNNVD-201905-034

EXTERNAL IDS

db:NVDid:CVE-2019-1703

Trust: 2.8

db:BIDid:108170

Trust: 2.0

db:JVNDBid:JVNDB-2019-004379

Trust: 0.8

db:CNNVDid:CNNVD-201905-034

Trust: 0.7

db:AUSCERTid:ESB-2019.1516

Trust: 0.6

db:VULHUBid:VHN-149235

Trust: 0.1

sources: VULHUB: VHN-149235 // BID: 108170 // JVNDB: JVNDB-2019-004379 // CNNVD: CNNVD-201905-034 // NVD: CVE-2019-1703

REFERENCES

url:http://www.securityfocus.com/bid/108170

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-frpwr-dos

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-1703

Trust: 1.4

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1703

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-ftd-cmd-inject

Trust: 0.6

url:https://www.auscert.org.au/bulletins/80106

Trust: 0.6

sources: VULHUB: VHN-149235 // BID: 108170 // JVNDB: JVNDB-2019-004379 // CNNVD: CNNVD-201905-034 // NVD: CVE-2019-1703

CREDITS

Cisco.

Trust: 0.9

sources: BID: 108170 // CNNVD: CNNVD-201905-034

SOURCES

db:VULHUBid:VHN-149235
db:BIDid:108170
db:JVNDBid:JVNDB-2019-004379
db:CNNVDid:CNNVD-201905-034
db:NVDid:CVE-2019-1703

LAST UPDATE DATE

2024-08-14T13:45:04.765000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-149235date:2020-10-07T00:00:00
db:BIDid:108170date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-004379date:2019-05-31T00:00:00
db:CNNVDid:CNNVD-201905-034date:2020-10-09T00:00:00
db:NVDid:CVE-2019-1703date:2020-10-07T18:50:51.867

SOURCES RELEASE DATE

db:VULHUBid:VHN-149235date:2019-05-03T00:00:00
db:BIDid:108170date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-004379date:2019-05-31T00:00:00
db:CNNVDid:CNNVD-201905-034date:2019-05-01T00:00:00
db:NVDid:CVE-2019-1703date:2019-05-03T16:29:00.430