Details of VAR-201910-0370

ID

VAR-201910-0370

CVE

CVE-2019-12698

TITLE

Cisco Adaptive Security Appliance and Firepower Threat Defense Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-010473

DESCRIPTION

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device. Cisco Adaptive Security Appliances Software is a firewall and network security platform. The platform provides features such as highly secure access to data and network resources

Trust: 1.71

sources: NVD: CVE-2019-12698 // JVNDB: JVNDB-2019-010473 // VULHUB: VHN-144470

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.13.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.12.2.9	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.8.4.9	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance	scope:	lt	version:	9.6.4.31	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.10.1.30	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.2.3.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.9.2.56	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-010473 // NVD: CVE-2019-12698

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-12698
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-12698
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-12698
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201910-071
value:	HIGH
Trust: 0.6
VULHUB:	VHN-144470
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-12698
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-144470
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-12698
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-12698
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	CVE-2019-12698
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-144470 // JVNDB: JVNDB-2019-010473 // CNNVD: CNNVD-201910-071 // NVD: CVE-2019-12698 // NVD: CVE-2019-12698

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.9
problemtype:	NVD-CWE-Other	Trust: 1.0

sources: VULHUB: VHN-144470 // JVNDB: JVNDB-2019-010473 // NVD: CVE-2019-12698

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201910-071

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201910-071

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010473

PATCH

title:	cisco-sa-20191002-asa-ftd-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos	Trust: 0.8
title:	Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98807	Trust: 0.6

sources: JVNDB: JVNDB-2019-010473 // CNNVD: CNNVD-201910-071

EXTERNAL IDS

db:	NVD	id:	CVE-2019-12698	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-010473	Trust: 0.8
db:	CNNVD	id:	CNNVD-201910-071	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.3698	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3698.3	Trust: 0.6
db:	VULHUB	id:	VHN-144470	Trust: 0.1

sources: VULHUB: VHN-144470 // JVNDB: JVNDB-2019-010473 // CNNVD: CNNVD-201910-071 // NVD: CVE-2019-12698

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ftd-dos	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12698	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12698	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-xss	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ftd-sip-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ospf-lsa-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ftd-ikev1-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-scp-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-ssl-vpn-dos	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-asa-infinite-loop-via-webvpn-30505	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3698.3/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3698/	Trust: 0.6

sources: VULHUB: VHN-144470 // JVNDB: JVNDB-2019-010473 // CNNVD: CNNVD-201910-071 // NVD: CVE-2019-12698

SOURCES

db:	VULHUB	id:	VHN-144470
db:	JVNDB	id:	JVNDB-2019-010473
db:	CNNVD	id:	CNNVD-201910-071
db:	NVD	id:	CVE-2019-12698

LAST UPDATE DATE

2024-08-14T13:25:34.425000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-144470	date:	2020-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2019-010473	date:	2019-10-16T00:00:00
db:	CNNVD	id:	CNNVD-201910-071	date:	2020-10-09T00:00:00
db:	NVD	id:	CVE-2019-12698	date:	2023-08-16T16:17:07.960

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-144470	date:	2019-10-02T00:00:00
db:	JVNDB	id:	JVNDB-2019-010473	date:	2019-10-16T00:00:00
db:	CNNVD	id:	CNNVD-201910-071	date:	2019-10-02T00:00:00
db:	NVD	id:	CVE-2019-12698	date:	2019-10-02T19:15:13.657