Sign-up

ID

VAR-201909-0162


CVE

CVE-2019-12652


TITLE

Cisco IOS Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-010049

DESCRIPTION

A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when processing TCP packets directed to the device on specific Cisco Catalyst 4000 Series Switches. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device. A successful exploit could cause the affected device to run out of buffer resources, impairing operations of control plane and management plane protocols, resulting in a DoS condition. This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device. Cisco IOS The software is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. The following products and versions are affected: Cisco Catalyst 4500 Supervisor Engine 6-E; Catalyst 4500 Supervisor Engine 6L-E; Catalyst 4900M Switch; Catalyst 4948E Ethernet Switch; Catalyst 4948E-F Ethernet Switch

Trust: 1.71

sources: NVD: CVE-2019-12652 // JVNDB: JVNDB-2019-010049 // VULHUB: VHN-144420

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)e3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e1

Trust: 1.0

vendor:ciscomodel:iosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-010049 // NVD: CVE-2019-12652

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-12652
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12652
value: HIGH

Trust: 1.0

NVD: CVE-2019-12652
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201909-1181
value: HIGH

Trust: 0.6

VULHUB: VHN-144420
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-12652
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-144420
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-12652
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12652
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: CVE-2019-12652
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-144420 // JVNDB: JVNDB-2019-010049 // CNNVD: CNNVD-201909-1181 // NVD: CVE-2019-12652 // NVD: CVE-2019-12652

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.0

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-400

Trust: 0.9

sources: VULHUB: VHN-144420 // JVNDB: JVNDB-2019-010049 // NVD: CVE-2019-12652

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201909-1181

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201909-1181

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-010049

PATCH
title:cisco-sa-20190925-cat4000-tcp-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-cat4000-tcp-dos
Trust: 0.8
title:Multiple Cisco product IOS Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98591
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-010049 // 
            
            
            
            CNNVD: CNNVD-201909-1181

EXTERNAL IDS
db:NVDid:CVE-2019-12652
Trust: 2.5
db:JVNDBid:JVNDB-2019-010049
Trust: 0.8
db:CNNVDid:CNNVD-201909-1181
Trust: 0.7
db:AUSCERTid:ESB-2019.3623
Trust: 0.6
db:VULHUBid:VHN-144420
Trust: 0.1
sources:
            
            
            VULHUB: VHN-144420 // 
            
            
            
            JVNDB: JVNDB-2019-010049 // 
            
            
            
            CNNVD: CNNVD-201909-1181 // 
            
            
            
            NVD: CVE-2019-12652

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-cat4000-tcp-dos
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-12652
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12652
Trust: 0.8
url:https://vigilance.fr/vulnerability/cisco-catalyst-4000-denial-of-service-via-tcp-30418
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.3623/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-144420 // 
            
            
            
            JVNDB: JVNDB-2019-010049 // 
            
            
            
            CNNVD: CNNVD-201909-1181 // 
            
            
            
            NVD: CVE-2019-12652

SOURCES
db:VULHUBid:VHN-144420
db:JVNDBid:JVNDB-2019-010049
db:CNNVDid:CNNVD-201909-1181
db:NVDid:CVE-2019-12652

LAST UPDATE DATE
2024-11-23T22:25:47.539000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-144420date:2020-10-08T00:00:00
db:JVNDBid:JVNDB-2019-010049date:2019-10-03T00:00:00
db:CNNVDid:CNNVD-201909-1181date:2020-10-09T00:00:00
db:NVDid:CVE-2019-12652date:2024-11-21T04:23:16.060

SOURCES RELEASE DATE
db:VULHUBid:VHN-144420date:2019-09-25T00:00:00
db:JVNDBid:JVNDB-2019-010049date:2019-10-03T00:00:00
db:CNNVDid:CNNVD-201909-1181date:2019-09-25T00:00:00
db:NVDid:CVE-2019-12652date:2019-09-25T21:15:10.593