Details of VAR-201908-0842

ID

VAR-201908-0842

CVE

CVE-2019-1951

TITLE

Cisco SD-WAN Solution Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-007634

DESCRIPTION

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a target device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitrary packet in the network. Cisco SD-WAN Solution Contains an input validation vulnerability.Information may be tampered with. Cisco SD-WAN Solution is a set of network expansion solutions of Cisco (Cisco). The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 1.71

sources: NVD: CVE-2019-1951 // JVNDB: JVNDB-2019-007634 // VULHUB: VHN-151963

AFFECTED PRODUCTS

vendor:	cisco	model:	sd-wan	scope:	lte	version:	19.1.0	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-007634 // NVD: CVE-2019-1951

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1951
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1951
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1951
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201908-566
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-151963
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1951
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-151963
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1951
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1951
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	CVE-2019-1951
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-151963 // JVNDB: JVNDB-2019-007634 // CNNVD: CNNVD-201908-566 // NVD: CVE-2019-1951 // NVD: CVE-2019-1951

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.9
problemtype:	NVD-CWE-Other	Trust: 1.0

sources: VULHUB: VHN-151963 // JVNDB: JVNDB-2019-007634 // NVD: CVE-2019-1951

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-566

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201908-566

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-007634

PATCH

title:	cisco-sa-20190807-sd-wan-bypass	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-sd-wan-bypass	Trust: 0.8
title:	Cisco SD-WAN Solution Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96263	Trust: 0.6

sources: JVNDB: JVNDB-2019-007634 // CNNVD: CNNVD-201908-566

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1951	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-007634	Trust: 0.8
db:	CNNVD	id:	CNNVD-201908-566	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.2991	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.2991.2	Trust: 0.6
db:	VULHUB	id:	VHN-151963	Trust: 0.1

sources: VULHUB: VHN-151963 // JVNDB: JVNDB-2019-007634 // CNNVD: CNNVD-201908-566 // NVD: CVE-2019-1951

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190807-sd-wan-bypass	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1951	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1951	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-sd-wan-solution-privilege-escalation-via-l3-l4-traffic-filter-bypass-29981	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.2991.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.2991/	Trust: 0.6

sources: VULHUB: VHN-151963 // JVNDB: JVNDB-2019-007634 // CNNVD: CNNVD-201908-566 // NVD: CVE-2019-1951

SOURCES

db:	VULHUB	id:	VHN-151963
db:	JVNDB	id:	JVNDB-2019-007634
db:	CNNVD	id:	CNNVD-201908-566
db:	NVD	id:	CVE-2019-1951

LAST UPDATE DATE

2024-08-14T15:28:29.610000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-151963	date:	2020-10-16T00:00:00
db:	JVNDB	id:	JVNDB-2019-007634	date:	2019-08-16T00:00:00
db:	CNNVD	id:	CNNVD-201908-566	date:	2020-10-21T00:00:00
db:	NVD	id:	CVE-2019-1951	date:	2020-10-16T14:40:24.687

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-151963	date:	2019-08-08T00:00:00
db:	JVNDB	id:	JVNDB-2019-007634	date:	2019-08-16T00:00:00
db:	CNNVD	id:	CNNVD-201908-566	date:	2019-08-07T00:00:00
db:	NVD	id:	CVE-2019-1951	date:	2019-08-08T08:15:12.273