cnvd - cnvd-2019-13284

CNVD-2019-13284

Vulnerability from cnvd - Published: 2019-05-08

Title

Cisco Expressway Series和Cisco TelePresence Video Communication Server输入验证错误漏洞

Description

Cisco Expressway Series和Cisco TelePresence Video Communication Server（VCS）都是美国思科（Cisco）公司的产品。Cisco Expressway Series是一款用于统一通信的高级协作网关。Cisco TelePresence Video Communication Server是一款视频通信服务器。 Cisco Expressway Series和Cisco TelePresence VCS X12.5.1之前版本中的电话簿功能存在输入验证错误漏洞，该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击可利用漏洞耗尽CPU资源，从而导致DOS情况。

Severity

中

Patch Name

Cisco Expressway Series和Cisco TelePresence Video Communication Server输入验证错误漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-es-tvcs-dos

Reference

https://web.nvd.nist.gov//vuln/detail/CVE-2019-1721

Impacted products

Name
['Cisco Expressway Series <X12.5.1', 'Cisco TelePresence Video Communication Server <<X12.5.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-1721",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1721"
    }
  },
  "description": "Cisco Expressway Series\u548cCisco TelePresence Video Communication Server\uff08VCS\uff09\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Expressway Series\u662f\u4e00\u6b3e\u7528\u4e8e\u7edf\u4e00\u901a\u4fe1\u7684\u9ad8\u7ea7\u534f\u4f5c\u7f51\u5173\u3002Cisco TelePresence Video Communication Server\u662f\u4e00\u6b3e\u89c6\u9891\u901a\u4fe1\u670d\u52a1\u5668\u3002\n\nCisco Expressway Series\u548cCisco TelePresence VCS X12.5.1\u4e4b\u524d\u7248\u672c\u4e2d\u7684\u7535\u8bdd\u7c3f\u529f\u80fd\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u53ef\u5229\u7528\u6f0f\u6d1e\u8017\u5c3dCPU\u8d44\u6e90\uff0c\u4ece\u800c\u5bfc\u81f4DOS\u60c5\u51b5\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-es-tvcs-dos",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-13284",
  "openTime": "2019-05-08",
  "patchDescription": "Cisco Expressway Series\u548cCisco TelePresence Video Communication Server\uff08VCS\uff09\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Expressway Series\u662f\u4e00\u6b3e\u7528\u4e8e\u7edf\u4e00\u901a\u4fe1\u7684\u9ad8\u7ea7\u534f\u4f5c\u7f51\u5173\u3002Cisco TelePresence Video Communication Server\u662f\u4e00\u6b3e\u89c6\u9891\u901a\u4fe1\u670d\u52a1\u5668\u3002\r\n\r\nCisco Expressway Series\u548cCisco TelePresence VCS X12.5.1\u4e4b\u524d\u7248\u672c\u4e2d\u7684\u7535\u8bdd\u7c3f\u529f\u80fd\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u53ef\u5229\u7528\u6f0f\u6d1e\u8017\u5c3dCPU\u8d44\u6e90\uff0c\u4ece\u800c\u5bfc\u81f4DOS\u60c5\u51b5\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Expressway Series\u548cCisco TelePresence Video Communication Server\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Expressway Series \u003cX12.5.1",
      "Cisco TelePresence Video Communication Server \u003c\u003cX12.5.1"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov//vuln/detail/CVE-2019-1721",
  "serverity": "\u4e2d",
  "submitTime": "2019-04-17",
  "title": "Cisco Expressway Series\u548cCisco TelePresence Video Communication Server\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2019-1721 (GCVE-0-2019-1721)

Vulnerability from cvelistv5 – Published: 2019-04-18 00:20 – Updated: 2024-11-21 19:39

Title

Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability

Summary

A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to improper handling of the XML input. An attacker could exploit this vulnerability by sending a Session Initiation Protocol (SIP) message with a crafted XML payload to an affected device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition. Manual intervention may be required to recover the device. This vulnerability is fixed in Cisco Expressway Series and Cisco TelePresence Video Communication Server Releases X12.5.1 and later.

Severity ?

7.7 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Assigner

cisco

References

URL

Tags

	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/108016	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco TelePresence Video Communication Server (VCS)	Affected: unspecified , < X12.5.1 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.136Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190417 Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-es-tvcs-dos"
          },
          {
            "name": "108016",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108016"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1721",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:59:33.225118Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:39:48.800Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco TelePresence Video Communication Server (VCS)",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "X12.5.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-04-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to improper handling of the XML input. An attacker could exploit this vulnerability by sending a Session Initiation Protocol (SIP) message with a crafted XML payload to an affected device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition. Manual intervention may be required to recover the device. This vulnerability is fixed in Cisco Expressway Series and Cisco TelePresence Video Communication Server Releases X12.5.1 and later."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-22T07:06:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190417 Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-es-tvcs-dos"
        },
        {
          "name": "108016",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108016"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190417-es-tvcs-dos",
        "defect": [
          [
            "CSCvn99037"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-04-17T16:00:00-0700",
          "ID": "CVE-2019-1721",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco TelePresence Video Communication Server (VCS)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "X12.5.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to improper handling of the XML input. An attacker could exploit this vulnerability by sending a Session Initiation Protocol (SIP) message with a crafted XML payload to an affected device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition. Manual intervention may be required to recover the device. This vulnerability is fixed in Cisco Expressway Series and Cisco TelePresence Video Communication Server Releases X12.5.1 and later."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.7",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190417 Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-es-tvcs-dos"
            },
            {
              "name": "108016",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108016"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190417-es-tvcs-dos",
          "defect": [
            [
              "CSCvn99037"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1721",
    "datePublished": "2019-04-18T00:20:19.165416Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:39:48.800Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-13284

CVE-2019-1721 (GCVE-0-2019-1721)

Tags

Sightings

Nomenclature