ID

VAR-201908-0838


CVE

CVE-2019-1967


TITLE

Cisco NX-OS Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-008866

DESCRIPTION

A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default. Cisco NX-OS Software contains a resource management vulnerability that may put the device into a service interruption (DoS) state. Cisco NX-OS Software is a data center-level operating system used by a family of Cisco switches. The following products and versions are affected: Cisco MDS 9000 Series Multilayer Switches; Nexus 3000 Series Switches; Nexus 3500 Platform Switches; Nexus 3600 Platform Switches; Nexus 5500 Platform Switches; Nexus 5600 Platform Switches; 7700 Series Switches; Nexus 9000 Series Switches (standalone NX-OS mode); Nexus 9500 R-Series Switching Platform.

Trust: 1.71

sources: NVD: CVE-2019-1967 // JVNDB: JVNDB-2019-008866 // VULHUB: VHN-152139

AFFECTED PRODUCTS

vendor: cisco, model: nx-os, scope: eq, version: 6.0(2)a8(9.7)

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 6.0(2)a8

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 8.2

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 8.1

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 8.0

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.2

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.3

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 9.2

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 8.3(2)s5

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 6.2

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 6.0(2)u6

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 9.2(1)

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 8.3

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.0(3)i

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.1(4)

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.3(2)d1(1)

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.1(5)

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.0(3)i7

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.0(3)f

Trust: 1.0

vendor: cisco, model: nx-os, scope: eq, version: 7.1(4)n1(1)

Trust: 1.0

vendor: cisco, model: nx-os, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-008866 // NVD: CVE-2019-1967

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1967
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1967
value: HIGH

Trust: 1.0

NVD: CVE-2019-1967
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201908-2141
value: HIGH

Trust: 0.6

VULHUB: VHN-152139
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1967
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-152139
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1967
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1967
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: CVE-2019-1967
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-152139 // JVNDB: JVNDB-2019-008866 // CNNVD: CNNVD-201908-2141 // NVD: CVE-2019-1967 // NVD: CVE-2019-1967

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

problemtype:CWE-400

Trust: 1.1

sources: VULHUB: VHN-152139 // JVNDB: JVNDB-2019-008866 // NVD: CVE-2019-1967

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-2141

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201908-2141

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008866

PATCH

title: cisco-sa-20190828-nxos-ntp-dos, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos

Trust: 0.8

title: Cisco NX-OS Software Remediation of resource management error vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97629

Trust: 0.6

sources: JVNDB: JVNDB-2019-008866 // CNNVD: CNNVD-201908-2141

EXTERNAL IDS

db: NVD, id: CVE-2019-1967

Trust: 2.5

db: JVNDB, id: JVNDB-2019-008866

Trust: 0.8

db: CNNVD, id: CNNVD-201908-2141

Trust: 0.7

db: AUSCERT, id: ESB-2019.3276.2

Trust: 0.6

db: AUSCERT, id: ESB-2019.3276

Trust: 0.6

db: VULHUB, id: VHN-152139

Trust: 0.1

sources: VULHUB: VHN-152139 // JVNDB: JVNDB-2019-008866 // CNNVD: CNNVD-201908-2141 // NVD: CVE-2019-1967

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-ntp-dos

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-1967

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1967

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-snmp-bypass

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-memleak-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-api-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-ipv6-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-fsip-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-fxnxos-snmp-dos

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-nx-os-denial-of-service-via-ntp-30191

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3276.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3276/

Trust: 0.6

sources: VULHUB: VHN-152139 // JVNDB: JVNDB-2019-008866 // CNNVD: CNNVD-201908-2141 // NVD: CVE-2019-1967

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201908-2141

SOURCES

db: VULHUB, id: VHN-152139
db: JVNDB, id: JVNDB-2019-008866
db: CNNVD, id: CNNVD-201908-2141
db: NVD, id: CVE-2019-1967

LAST UPDATE DATE

2024-08-14T13:44:47.738000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-152139, date: 2020-10-16T00:00:00
db: JVNDB, id: JVNDB-2019-008866, date: 2019-09-06T00:00:00
db: CNNVD, id: CNNVD-201908-2141, date: 2020-10-19T00:00:00
db: NVD, id: CVE-2019-1967, date: 2020-10-16T14:05:32.580

SOURCES RELEASE DATE

db: VULHUB, id: VHN-152139, date: 2019-08-30T00:00:00
db: JVNDB, id: JVNDB-2019-008866, date: 2019-09-06T00:00:00
db: CNNVD, id: CNNVD-201908-2141, date: 2019-08-28T00:00:00
db: NVD, id: CVE-2019-1967, date: 2019-08-30T09:15:20.287