Details of VAR-201905-1318

ID

VAR-201905-1318

CVE

CVE-2019-1708

TITLE

Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software improper resource shutdown and release vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004377

DESCRIPTION

A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses. This issue is being tracked by Cisco Bug ID CSCvm72145. Cisco Nexus 5500 Series Switches are all products of Cisco (Cisco). Cisco Nexus 5500 Series Switches is a 5500 series switch product. Cisco Firepower 4100 Series is a 4100 series firewall device. FTD Software is one of the unified software that provides next-generation firewall services. Cisco 3000 Series Industrial Security Appliances is a 3000 series firewall appliance. ASA Software is one of those firewall and network security platforms. The platform provides features such as highly secure access to data and network resources. The following products are affected: Cisco 3000 Series Industrial Security Appliances (ISAs); ASA 5500 Series Adaptive Security Appliances; ASA 5500-X Series Firewalls; ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers; Security Appliance; FTD Virtual (FTDv)

Trust: 1.98

sources: NVD: CVE-2019-1708 // JVNDB: JVNDB-2019-004377 // BID: 108166 // VULHUB: VHN-149290

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.8	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.2.3.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.2.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lte	version:	9.9.2.50	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lte	version:	9.10.1.17	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lte	version:	9.8.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.3.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense virtual	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.4	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco catalyst series switches	scope:	eq	version:	65000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco series routers	scope:	eq	version:	76000	Trust: 0.3
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x9.9(2)	Trust: 0.3
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliances	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.11	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.5	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4	Trust: 0.3
vendor:	cisco	model:	series industrial security appliance	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.3.0.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.2.3.12	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.8.4	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.9.2.50	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.6.4.25	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.4.4.34	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.10.1.17	Trust: 0.3

sources: BID: 108166 // JVNDB: JVNDB-2019-004377 // NVD: CVE-2019-1708

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1708
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1708
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1708
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-039
value:	HIGH
Trust: 0.6
VULHUB:	VHN-149290
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1708
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-149290
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-1708
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-1708
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-149290 // JVNDB: JVNDB-2019-004377 // CNNVD: CNNVD-201905-039 // NVD: CVE-2019-1708 // NVD: CVE-2019-1708

PROBLEMTYPE DATA

problemtype:	CWE-404	Trust: 1.9
problemtype:	CWE-401	Trust: 1.0

sources: VULHUB: VHN-149290 // JVNDB: JVNDB-2019-004377 // NVD: CVE-2019-1708

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-039

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201905-039

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004377

PATCH

title:	cisco-sa-20190501-asa-ftd-ike-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos	Trust: 0.8
title:	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92188	Trust: 0.6

sources: JVNDB: JVNDB-2019-004377 // CNNVD: CNNVD-201905-039

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1708	Trust: 2.8
db:	BID	id:	108166	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-004377	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-039	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1510.2	Trust: 0.6
db:	VULHUB	id:	VHN-149290	Trust: 0.1

sources: VULHUB: VHN-149290 // BID: 108166 // JVNDB: JVNDB-2019-004377 // CNNVD: CNNVD-201905-039 // NVD: CVE-2019-1708

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftd-ike-dos	Trust: 2.6
url:	http://www.securityfocus.com/bid/108166	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1708	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1708	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-asa-memory-leak-via-mobike-29196	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80090	Trust: 0.6

sources: VULHUB: VHN-149290 // BID: 108166 // JVNDB: JVNDB-2019-004377 // CNNVD: CNNVD-201905-039 // NVD: CVE-2019-1708

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201905-039

SOURCES

db:	VULHUB	id:	VHN-149290
db:	BID	id:	108166
db:	JVNDB	id:	JVNDB-2019-004377
db:	CNNVD	id:	CNNVD-201905-039
db:	NVD	id:	CVE-2019-1708

LAST UPDATE DATE

2024-08-14T13:45:03.454000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149290	date:	2019-10-09T00:00:00
db:	BID	id:	108166	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004377	date:	2019-05-31T00:00:00
db:	CNNVD	id:	CNNVD-201905-039	date:	2021-11-02T00:00:00
db:	NVD	id:	CVE-2019-1708	date:	2023-08-15T15:24:56.340

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149290	date:	2019-05-03T00:00:00
db:	BID	id:	108166	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004377	date:	2019-05-31T00:00:00
db:	CNNVD	id:	CNNVD-201905-039	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2019-1708	date:	2019-05-03T16:29:00.680