ID

VAR-201910-0370


CVE

CVE-2019-12698


TITLE

Cisco Adaptive Security Appliance and Firepower Threat Defense Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-010473

DESCRIPTION

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device. Cisco Adaptive Security Appliances Software is a firewall and network security platform. The platform provides features such as highly secure access to data and network resources

Trust: 1.71

sources: NVD: CVE-2019-12698 // JVNDB: JVNDB-2019-010473 // VULHUB: VHN-144470

AFFECTED PRODUCTS

vendor: cisco, model: adaptive security appliance software, scope: gte, version: 9.13

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: lt, version: 9.13.1

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: lt, version: 9.12.2.9

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.3.0.5

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: lt, version: 9.8.4.9

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.4.0

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: gte, version: 9.10

Trust: 1.0

vendor: cisco, model: adaptive security appliance, scope: lt, version: 9.6.4.31

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.4.0.6

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: lt, version: 9.10.1.30

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.3.0

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.2.3.15

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: gte, version: 9.12

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: gte, version: 9.7

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: lt, version: 9.9.2.56

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: gte, version: 9.9

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: -, version: -

Trust: 0.8

vendor: cisco, model: firepower threat defense software, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-010473 // NVD: CVE-2019-12698

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-12698
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12698
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-12698
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201910-071
value: HIGH

Trust: 0.6

VULHUB: VHN-144470
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-12698
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-144470
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-12698
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12698
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: CVE-2019-12698
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-144470 // JVNDB: JVNDB-2019-010473 // CNNVD: CNNVD-201910-071 // NVD: CVE-2019-12698 // NVD: CVE-2019-12698

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

problemtype:NVD-CWE-Other

Trust: 1.0

sources: VULHUB: VHN-144470 // JVNDB: JVNDB-2019-010473 // NVD: CVE-2019-12698

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201910-071

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201910-071

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010473

PATCH

title: cisco-sa-20191002-asa-ftd-dos, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos

Trust: 0.8

title: Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Remediation of resource management error vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98807

Trust: 0.6

sources: JVNDB: JVNDB-2019-010473 // CNNVD: CNNVD-201910-071

EXTERNAL IDS

db: NVD, id: CVE-2019-12698

Trust: 2.5

db: JVNDB, id: JVNDB-2019-010473

Trust: 0.8

db: CNNVD, id: CNNVD-201910-071

Trust: 0.7

db: AUSCERT, id: ESB-2019.3698

Trust: 0.6

db: AUSCERT, id: ESB-2019.3698.3

Trust: 0.6

db: VULHUB, id: VHN-144470

Trust: 0.1

sources: VULHUB: VHN-144470 // JVNDB: JVNDB-2019-010473 // CNNVD: CNNVD-201910-071 // NVD: CVE-2019-12698

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ftd-dos

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-12698

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12698

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-xss

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ftd-sip-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ospf-lsa-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ftd-ikev1-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-scp-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ssl-vpn-dos

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-infinite-loop-via-webvpn-30505

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3698.3/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3698/

Trust: 0.6

sources: VULHUB: VHN-144470 // JVNDB: JVNDB-2019-010473 // CNNVD: CNNVD-201910-071 // NVD: CVE-2019-12698

SOURCES

db: VULHUB, id: VHN-144470
db: JVNDB, id: JVNDB-2019-010473
db: CNNVD, id: CNNVD-201910-071
db: NVD, id: CVE-2019-12698

LAST UPDATE DATE

2024-08-14T13:25:34.425000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-144470, date: 2020-10-08T00:00:00
db: JVNDB, id: JVNDB-2019-010473, date: 2019-10-16T00:00:00
db: CNNVD, id: CNNVD-201910-071, date: 2020-10-09T00:00:00
db: NVD, id: CVE-2019-12698, date: 2023-08-16T16:17:07.960

SOURCES RELEASE DATE

db: VULHUB, id: VHN-144470, date: 2019-10-02T00:00:00
db: JVNDB, id: JVNDB-2019-010473, date: 2019-10-16T00:00:00
db: CNNVD, id: CNNVD-201910-071, date: 2019-10-02T00:00:00
db: NVD, id: CVE-2019-12698, date: 2019-10-02T19:15:13.657