ID

VAR-201908-0838


CVE

CVE-2019-1967


TITLE

Cisco NX-OS Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-008866

DESCRIPTION

A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default. Cisco NX-OS The software contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco NX-OS Software is a data center-level operating system software used by a set of switches of Cisco. The following products and versions are affected: Cisco MDS 9000 Series Multilayer Switches; Nexus 3000 Series Switches; Nexus 3500 Platform Switches; Nexus 3600 Platform Switches; Nexus 5500 Platform Switches; Nexus 5600 Platform Switches; 7700 Series Switches; Nexus 9000 Series Switches (standalone NX-OS mode); Nexus 9500 R-Series Switching Platform

Trust: 1.71

sources: NVD: CVE-2019-1967 // JVNDB: JVNDB-2019-008866 // VULHUB: VHN-152139

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:eqversion:6.0\(2\)a8

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.1\(4\)n1\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:6.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:6.0\(2\)a8\(9.7\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.1\(4\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.0\(3\)f

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:6.0\(2\)u6

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:8.1

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:8.3

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:8.3\(2\)s5

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:9.2\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.1\(5\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.3\(2\)d1\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.3

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.0\(3\)i7

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:9.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:8.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.0\(3\)i

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:8.0

Trust: 1.0

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-008866 // NVD: CVE-2019-1967

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1967
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1967
value: HIGH

Trust: 1.0

NVD: CVE-2019-1967
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201908-2141
value: HIGH

Trust: 0.6

VULHUB: VHN-152139
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1967
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-152139
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1967
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1967
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: CVE-2019-1967
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-152139 // JVNDB: JVNDB-2019-008866 // CNNVD: CNNVD-201908-2141 // NVD: CVE-2019-1967 // NVD: CVE-2019-1967

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

problemtype:CWE-400

Trust: 1.1

sources: VULHUB: VHN-152139 // JVNDB: JVNDB-2019-008866 // NVD: CVE-2019-1967

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-2141

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201908-2141

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008866

PATCH

title:cisco-sa-20190828-nxos-ntp-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos

Trust: 0.8

title:Cisco NX-OS Software Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97629

Trust: 0.6

sources: JVNDB: JVNDB-2019-008866 // CNNVD: CNNVD-201908-2141

EXTERNAL IDS

db:NVDid:CVE-2019-1967

Trust: 2.5

db:JVNDBid:JVNDB-2019-008866

Trust: 0.8

db:CNNVDid:CNNVD-201908-2141

Trust: 0.7

db:AUSCERTid:ESB-2019.3276.2

Trust: 0.6

db:AUSCERTid:ESB-2019.3276

Trust: 0.6

db:VULHUBid:VHN-152139

Trust: 0.1

sources: VULHUB: VHN-152139 // JVNDB: JVNDB-2019-008866 // CNNVD: CNNVD-201908-2141 // NVD: CVE-2019-1967

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-ntp-dos

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-1967

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1967

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-snmp-bypass

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-memleak-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-api-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-ipv6-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-fsip-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-fxnxos-snmp-dos

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-nx-os-denial-of-service-via-ntp-30191

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3276.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3276/

Trust: 0.6

sources: VULHUB: VHN-152139 // JVNDB: JVNDB-2019-008866 // CNNVD: CNNVD-201908-2141 // NVD: CVE-2019-1967

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201908-2141

SOURCES

db:VULHUBid:VHN-152139
db:JVNDBid:JVNDB-2019-008866
db:CNNVDid:CNNVD-201908-2141
db:NVDid:CVE-2019-1967

LAST UPDATE DATE

2024-11-23T21:59:47.394000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-152139date:2020-10-16T00:00:00
db:JVNDBid:JVNDB-2019-008866date:2019-09-06T00:00:00
db:CNNVDid:CNNVD-201908-2141date:2020-10-19T00:00:00
db:NVDid:CVE-2019-1967date:2024-11-21T04:37:47.367

SOURCES RELEASE DATE

db:VULHUBid:VHN-152139date:2019-08-30T00:00:00
db:JVNDBid:JVNDB-2019-008866date:2019-09-06T00:00:00
db:CNNVDid:CNNVD-201908-2141date:2019-08-28T00:00:00
db:NVDid:CVE-2019-1967date:2019-08-30T09:15:20.287