ID

VAR-201909-0163


CVE

CVE-2019-12653


TITLE

Cisco ASR 900 Cisco IOS XE Input Validation Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2019-34373 // CNNVD: CNNVD-201909-1193

DESCRIPTION

A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol. Cisco IOS XE The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco ASR 900 is a 900 series aggregation service router of Cisco Company in the United States. Cisco IOS XE is an operating system developed for Cisco network equipment. The TCP fragment exploited this vulnerability to cause a denial of service

Trust: 2.25

sources: NVD: CVE-2019-12653 // JVNDB: JVNDB-2019-010050 // CNVD: CNVD-2019-34373 // VULHUB: VHN-144421

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-34373

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.9

Trust: 2.2

vendor:ciscomodel:ios xescope:eqversion:16.10.1

Trust: 1.6

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:asr 902uscope:eqversion: -

Trust: 0.6

vendor:ciscomodel:asr 907scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:asr 914scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:asr 902scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:asr 903scope:eqversion: -

Trust: 0.6

sources: CNVD: CNVD-2019-34373 // JVNDB: JVNDB-2019-010050 // CNNVD: CNNVD-201909-1193 // NVD: CVE-2019-12653

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-12653
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12653
value: HIGH

Trust: 1.0

NVD: CVE-2019-12653
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-34373
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201909-1193
value: HIGH

Trust: 0.6

VULHUB: VHN-144421
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-12653
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-34373
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-144421
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-12653
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12653
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: CVE-2019-12653
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-34373 // VULHUB: VHN-144421 // JVNDB: JVNDB-2019-010050 // CNNVD: CNNVD-201909-1193 // NVD: CVE-2019-12653 // NVD: CVE-2019-12653

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-144421 // JVNDB: JVNDB-2019-010050 // NVD: CVE-2019-12653

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201909-1193

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201909-1193

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010050

PATCH

title:cisco-sa-20190925-rawtcp-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos

Trust: 0.8

title:Patch for Cisco ASR 900 Cisco IOS XE Input Validation Error Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/183829

Trust: 0.6

title:Cisco ASR 900 Cisco IOS XE Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98600

Trust: 0.6

sources: CNVD: CNVD-2019-34373 // JVNDB: JVNDB-2019-010050 // CNNVD: CNNVD-201909-1193

EXTERNAL IDS

db:NVDid:CVE-2019-12653

Trust: 3.1

db:AUSCERTid:ESB-2019.3615

Trust: 1.2

db:JVNDBid:JVNDB-2019-010050

Trust: 0.8

db:CNNVDid:CNNVD-201909-1193

Trust: 0.7

db:CNVDid:CNVD-2019-34373

Trust: 0.6

db:AUSCERTid:ESB-2019.3615.2

Trust: 0.6

db:VULHUBid:VHN-144421

Trust: 0.1

sources: CNVD: CNVD-2019-34373 // VULHUB: VHN-144421 // JVNDB: JVNDB-2019-010050 // CNNVD: CNNVD-201909-1193 // NVD: CVE-2019-12653

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-rawtcp-dos

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-12653

Trust: 2.0

url:https://www.auscert.org.au/bulletins/esb-2019.3615/

Trust: 1.2

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12653

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-webui-cmd-injection

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-vman-cmd-injection

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-utd

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-ctspac-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-xss

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-dt

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-sip-alg

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-isdn-data-leak

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iox-gs

Trust: 0.6

url:httpserv-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-fsdos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-ftp

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-digsig-bypass

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-ctbypass

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-codeexec

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-awr

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3615.2/

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ios-xe-denial-of-service-via-raw-socket-transport-30437

Trust: 0.6

sources: CNVD: CNVD-2019-34373 // VULHUB: VHN-144421 // JVNDB: JVNDB-2019-010050 // CNNVD: CNNVD-201909-1193 // NVD: CVE-2019-12653

SOURCES

db:CNVDid:CNVD-2019-34373
db:VULHUBid:VHN-144421
db:JVNDBid:JVNDB-2019-010050
db:CNNVDid:CNNVD-201909-1193
db:NVDid:CVE-2019-12653

LAST UPDATE DATE

2024-08-14T13:25:56.642000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-34373date:2019-10-10T00:00:00
db:VULHUBid:VHN-144421date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2019-010050date:2019-10-03T00:00:00
db:CNNVDid:CNNVD-201909-1193date:2019-10-17T00:00:00
db:NVDid:CVE-2019-12653date:2019-10-09T23:45:58.373

SOURCES RELEASE DATE

db:CNVDid:CNVD-2019-34373date:2019-10-10T00:00:00
db:VULHUBid:VHN-144421date:2019-09-25T00:00:00
db:JVNDBid:JVNDB-2019-010050date:2019-10-03T00:00:00
db:CNNVDid:CNNVD-201909-1193date:2019-09-25T00:00:00
db:NVDid:CVE-2019-12653date:2019-09-25T21:15:10.657