Sign-up

ID

VAR-201909-0163


CVE

CVE-2019-12653


TITLE

Cisco ASR 900 Cisco IOS XE Input Validation Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2019-34373 // CNNVD: CNNVD-201909-1193

DESCRIPTION

A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol. Cisco IOS XE The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco ASR 900 is a 900 series aggregation service router of Cisco Company in the United States. Cisco IOS XE is an operating system developed for Cisco network equipment. The TCP fragment exploited this vulnerability to cause a denial of service

Trust: 2.25

sources: NVD: CVE-2019-12653 // JVNDB: JVNDB-2019-010050 // CNVD: CNVD-2019-34373 // VULHUB: VHN-144421

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-34373

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.9

Trust: 2.2

vendor:ciscomodel:ios xescope:eqversion:16.10.1

Trust: 1.6

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:asr 902uscope:eqversion: -

Trust: 0.6

vendor:ciscomodel:asr 907scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:asr 914scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:asr 902scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:asr 903scope:eqversion: -

Trust: 0.6

sources: CNVD: CNVD-2019-34373 // JVNDB: JVNDB-2019-010050 // CNNVD: CNNVD-201909-1193 // NVD: CVE-2019-12653

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-12653
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12653
value: HIGH

Trust: 1.0

NVD: CVE-2019-12653
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-34373
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201909-1193
value: HIGH

Trust: 0.6

VULHUB: VHN-144421
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-12653
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-34373
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-144421
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-12653
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12653
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: CVE-2019-12653
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-34373 // VULHUB: VHN-144421 // JVNDB: JVNDB-2019-010050 // CNNVD: CNNVD-201909-1193 // NVD: CVE-2019-12653 // NVD: CVE-2019-12653

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-144421 // JVNDB: JVNDB-2019-010050 // NVD: CVE-2019-12653

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201909-1193

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201909-1193

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-010050

PATCH
title:cisco-sa-20190925-rawtcp-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos
Trust: 0.8
title:Patch for Cisco ASR 900 Cisco IOS XE Input Validation Error Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/183829
Trust: 0.6
title:Cisco ASR 900 Cisco IOS XE Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98600
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-34373 // 
            
            
            
            JVNDB: JVNDB-2019-010050 // 
            
            
            
            CNNVD: CNNVD-201909-1193

EXTERNAL IDS
db:NVDid:CVE-2019-12653
Trust: 3.1
db:AUSCERTid:ESB-2019.3615
Trust: 1.2
db:JVNDBid:JVNDB-2019-010050
Trust: 0.8
db:CNNVDid:CNNVD-201909-1193
Trust: 0.7
db:CNVDid:CNVD-2019-34373
Trust: 0.6
db:AUSCERTid:ESB-2019.3615.2
Trust: 0.6
db:VULHUBid:VHN-144421
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-34373 // 
            
            
            
            VULHUB: VHN-144421 // 
            
            
            
            JVNDB: JVNDB-2019-010050 // 
            
            
            
            CNNVD: CNNVD-201909-1193 // 
            
            
            
            NVD: CVE-2019-12653

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-rawtcp-dos
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2019-12653
Trust: 2.0
url:https://www.auscert.org.au/bulletins/esb-2019.3615/
Trust: 1.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12653
Trust: 0.8
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-webui-cmd-injection
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-vman-cmd-injection
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-utd
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-ctspac-dos
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-xss
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-dt
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-sip-alg
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-isdn-data-leak
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iox-gs
Trust: 0.6
url:httpserv-dos
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-fsdos
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-ftp
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-digsig-bypass
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-ctbypass
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-codeexec
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-awr
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.3615.2/
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-ios-xe-denial-of-service-via-raw-socket-transport-30437
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-34373 // 
            
            
            
            VULHUB: VHN-144421 // 
            
            
            
            JVNDB: JVNDB-2019-010050 // 
            
            
            
            CNNVD: CNNVD-201909-1193 // 
            
            
            
            NVD: CVE-2019-12653

SOURCES
db:CNVDid:CNVD-2019-34373
db:VULHUBid:VHN-144421
db:JVNDBid:JVNDB-2019-010050
db:CNNVDid:CNNVD-201909-1193
db:NVDid:CVE-2019-12653

LAST UPDATE DATE
2024-08-14T13:25:56.642000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-34373date:2019-10-10T00:00:00
db:VULHUBid:VHN-144421date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2019-010050date:2019-10-03T00:00:00
db:CNNVDid:CNNVD-201909-1193date:2019-10-17T00:00:00
db:NVDid:CVE-2019-12653date:2019-10-09T23:45:58.373

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-34373date:2019-10-10T00:00:00
db:VULHUBid:VHN-144421date:2019-09-25T00:00:00
db:JVNDBid:JVNDB-2019-010050date:2019-10-03T00:00:00
db:CNNVDid:CNNVD-201909-1193date:2019-09-25T00:00:00
db:NVDid:CVE-2019-12653date:2019-09-25T21:15:10.657