ID

VAR-201908-0842


CVE

CVE-2019-1951


TITLE

Cisco SD-WAN Solution Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-007634

DESCRIPTION

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a target device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitrary packet in the network. Cisco SD-WAN Solution Contains an input validation vulnerability.Information may be tampered with. Cisco SD-WAN Solution is a set of network expansion solutions of Cisco (Cisco). The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 1.71

sources: NVD: CVE-2019-1951 // JVNDB: JVNDB-2019-007634 // VULHUB: VHN-151963

AFFECTED PRODUCTS

vendor:ciscomodel:sd-wanscope:lteversion:19.1.0

Trust: 1.0

vendor:ciscomodel:sd-wanscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-007634 // NVD: CVE-2019-1951

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1951
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1951
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1951
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201908-566
value: MEDIUM

Trust: 0.6

VULHUB: VHN-151963
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1951
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-151963
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1951
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1951
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: CVE-2019-1951
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-151963 // JVNDB: JVNDB-2019-007634 // CNNVD: CNNVD-201908-566 // NVD: CVE-2019-1951 // NVD: CVE-2019-1951

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:NVD-CWE-Other

Trust: 1.0

sources: VULHUB: VHN-151963 // JVNDB: JVNDB-2019-007634 // NVD: CVE-2019-1951

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-566

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201908-566

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-007634

PATCH

title:cisco-sa-20190807-sd-wan-bypassurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-sd-wan-bypass

Trust: 0.8

title:Cisco SD-WAN Solution Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96263

Trust: 0.6

sources: JVNDB: JVNDB-2019-007634 // CNNVD: CNNVD-201908-566

EXTERNAL IDS

db:NVDid:CVE-2019-1951

Trust: 2.5

db:JVNDBid:JVNDB-2019-007634

Trust: 0.8

db:CNNVDid:CNNVD-201908-566

Trust: 0.7

db:AUSCERTid:ESB-2019.2991

Trust: 0.6

db:AUSCERTid:ESB-2019.2991.2

Trust: 0.6

db:VULHUBid:VHN-151963

Trust: 0.1

sources: VULHUB: VHN-151963 // JVNDB: JVNDB-2019-007634 // CNNVD: CNNVD-201908-566 // NVD: CVE-2019-1951

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190807-sd-wan-bypass

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-1951

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1951

Trust: 0.8

url:https://vigilance.fr/vulnerability/cisco-sd-wan-solution-privilege-escalation-via-l3-l4-traffic-filter-bypass-29981

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.2991.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.2991/

Trust: 0.6

sources: VULHUB: VHN-151963 // JVNDB: JVNDB-2019-007634 // CNNVD: CNNVD-201908-566 // NVD: CVE-2019-1951

SOURCES

db:VULHUBid:VHN-151963
db:JVNDBid:JVNDB-2019-007634
db:CNNVDid:CNNVD-201908-566
db:NVDid:CVE-2019-1951

LAST UPDATE DATE

2024-08-14T15:28:29.610000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-151963date:2020-10-16T00:00:00
db:JVNDBid:JVNDB-2019-007634date:2019-08-16T00:00:00
db:CNNVDid:CNNVD-201908-566date:2020-10-21T00:00:00
db:NVDid:CVE-2019-1951date:2020-10-16T14:40:24.687

SOURCES RELEASE DATE

db:VULHUBid:VHN-151963date:2019-08-08T00:00:00
db:JVNDBid:JVNDB-2019-007634date:2019-08-16T00:00:00
db:CNNVDid:CNNVD-201908-566date:2019-08-07T00:00:00
db:NVDid:CVE-2019-1951date:2019-08-08T08:15:12.273