Details of VAR-201905-0586

ID

VAR-201905-0586

CVE

CVE-2019-1697

TITLE

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003890

DESCRIPTION

A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This issue is being tracked by Cisco Bug ID CSCvn20985. Cisco Firepower 4100 Series, etc. are all products of Cisco (Cisco). Cisco Firepower 4100 Series is a 4100 series firewall device. FTD Software is one of the unified software that provides next-generation firewall services. Cisco 3000 Series Industrial Security Appliances is a 3000 series firewall appliance. ASA Software is one of those firewall and network security platforms. The platform provides features such as highly secure access to data and network resources. Cisco ASA 5500-X Series Firewalls is a 5500-X series firewall appliance. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Cisco 3000 Series Industrial Security Appliances; ASA 5500-X Series Firewalls; ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers; Adaptive Security Virtual Appliance; 9300 Security Appliances; FTD Virtual

Trust: 1.98

sources: NVD: CVE-2019-1697 // JVNDB: JVNDB-2019-003890 // BID: 108182 // VULHUB: VHN-149169

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.9.2.50	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.10.1.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.8.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.6.4.25	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.2.3.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense virtual	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	21000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco catalyst series switches	scope:	eq	version:	65000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco series routers	scope:	eq	version:	76000	Trust: 0.3
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	adaptive security virtual appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10	Trust: 0.3
vendor:	cisco	model:	series industrial security appliance	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.3.0.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.2.3.12	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.8.4	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.9.2.50	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.6.4.25	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.10.1.17	Trust: 0.3

sources: BID: 108182 // JVNDB: JVNDB-2019-003890 // NVD: CVE-2019-1697

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1697
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1697
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1697
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-028
value:	HIGH
Trust: 0.6
VULHUB:	VHN-149169
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1697
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-149169
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1697
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8
ykramarz@cisco.com:	CVE-2019-1697
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	4.0
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-149169 // JVNDB: JVNDB-2019-003890 // CNNVD: CNNVD-201905-028 // NVD: CVE-2019-1697 // NVD: CVE-2019-1697

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-149169 // JVNDB: JVNDB-2019-003890 // NVD: CVE-2019-1697

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-028

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201905-028

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003890

PATCH

title:	cisco-sa-20190501-asa-ftds-ldapdos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos	Trust: 0.8
title:	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92179	Trust: 0.6

sources: JVNDB: JVNDB-2019-003890 // CNNVD: CNNVD-201905-028

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1697	Trust: 2.8
db:	BID	id:	108182	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-003890	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-028	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1510.2	Trust: 0.6
db:	VULHUB	id:	VHN-149169	Trust: 0.1

sources: VULHUB: VHN-149169 // BID: 108182 // JVNDB: JVNDB-2019-003890 // CNNVD: CNNVD-201905-028 // NVD: CVE-2019-1697

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftds-ldapdos	Trust: 2.6
url:	http://www.securityfocus.com/bid/108182	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1697	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1697	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftd-ike-dos	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80090	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-asa-denial-of-service-via-ldap-ber-29198	Trust: 0.6

sources: VULHUB: VHN-149169 // BID: 108182 // JVNDB: JVNDB-2019-003890 // CNNVD: CNNVD-201905-028 // NVD: CVE-2019-1697

CREDITS

Cisco.

Trust: 0.9

sources: BID: 108182 // CNNVD: CNNVD-201905-028

SOURCES

db:	VULHUB	id:	VHN-149169
db:	BID	id:	108182
db:	JVNDB	id:	JVNDB-2019-003890
db:	CNNVD	id:	CNNVD-201905-028
db:	NVD	id:	CVE-2019-1697

LAST UPDATE DATE

2024-08-14T13:45:03.358000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149169	date:	2019-05-07T00:00:00
db:	BID	id:	108182	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-003890	date:	2019-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201905-028	date:	2019-05-14T00:00:00
db:	NVD	id:	CVE-2019-1697	date:	2023-08-15T15:24:56.340

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149169	date:	2019-05-03T00:00:00
db:	BID	id:	108182	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-003890	date:	2019-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201905-028	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2019-1697	date:	2019-05-03T16:29:00.240