Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CNVD-2019-14437
Vulnerability from cnvd - Published: 2019-05-16
VLAI Severity ?
Title
Cisco IOS和IOS IP SLA拒绝服务漏洞
Description
Cisco IOS和IOS XE都是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。
Cisco IOS和IOS XE中对IP服务等级协议数据包的处理过程存在安全漏洞。攻击者可通过发送特制的IP SLA数据包利用该漏洞造成拒绝服务。
Severity
高
Patch Name
Cisco IOS和IOS IP SLA拒绝服务漏洞的补丁
Patch Description
Cisco IOS和IOS XE都是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。
Cisco IOS和IOS XE中对IP服务等级协议数据包的处理过程存在安全漏洞。攻击者可通过发送特制的IP SLA数据包利用该漏洞造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布漏洞修复程序,请及时关注更新: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-1737
Impacted products
| Name | ['Cisco IOS XE', 'Cisco IOS'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "107604"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2019-1737"
}
},
"description": "Cisco IOS\u548cIOS XE\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nCisco IOS\u548cIOS XE\u4e2d\u5bf9IP\u670d\u52a1\u7b49\u7ea7\u534f\u8bae\u6570\u636e\u5305\u7684\u5904\u7406\u8fc7\u7a0b\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684IP SLA\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"discovererName": "Cisco",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-14437",
"openTime": "2019-05-16",
"patchDescription": "Cisco IOS\u548cIOS XE\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS\u548cIOS XE\u4e2d\u5bf9IP\u670d\u52a1\u7b49\u7ea7\u534f\u8bae\u6570\u636e\u5305\u7684\u5904\u7406\u8fc7\u7a0b\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684IP SLA\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Cisco IOS\u548cIOS IP SLA\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Cisco IOS XE",
"Cisco IOS"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-1737",
"serverity": "\u9ad8",
"submitTime": "2019-03-28",
"title": "Cisco IOS\u548cIOS IP SLA\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
CVE-2019-1737 (GCVE-0-2019-1737)
Vulnerability from cvelistv5 – Published: 2019-03-27 23:05 – Updated: 2024-11-19 19:14
VLAI?
EPSS
Title
Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability
Summary
A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA responder application code. An attacker could exploit this vulnerability by sending crafted IP SLA packets to an affected device. An exploit could allow the attacker to cause an interface to become wedged, resulting in an eventual denial of service (DoS) condition on the affected device.
Severity ?
8.6 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS and IOS-XE Software |
Affected:
3.7.0S
Affected: 3.7.1S Affected: 3.7.2S Affected: 3.7.3S Affected: 3.7.4S Affected: 3.7.5S Affected: 3.7.6S Affected: 3.7.7S Affected: 3.7.8S Affected: 3.7.4aS Affected: 3.7.2tS Affected: 3.7.0bS Affected: 3.7.1aS Affected: 3.8.0S Affected: 3.8.1S Affected: 3.8.2S Affected: 3.9.1S Affected: 3.9.0S Affected: 3.9.2S Affected: 3.9.1aS Affected: 3.9.0aS Affected: 3.2.0SE Affected: 3.2.1SE Affected: 3.2.2SE Affected: 3.2.3SE Affected: 3.3.0SE Affected: 3.3.1SE Affected: 3.3.2SE Affected: 3.3.3SE Affected: 3.3.4SE Affected: 3.3.5SE Affected: 3.3.0XO Affected: 3.3.1XO Affected: 3.3.2XO Affected: 3.4.0SG Affected: 3.4.2SG Affected: 3.4.1SG Affected: 3.4.3SG Affected: 3.4.4SG Affected: 3.4.5SG Affected: 3.4.6SG Affected: 3.4.7SG Affected: 3.4.8SG Affected: 3.5.0E Affected: 3.5.1E Affected: 3.5.2E Affected: 3.5.3E Affected: 3.10.0S Affected: 3.10.1S Affected: 3.10.2S Affected: 3.10.3S Affected: 3.10.4S Affected: 3.10.5S Affected: 3.10.6S Affected: 3.10.2aS Affected: 3.10.2tS Affected: 3.10.7S Affected: 3.10.8S Affected: 3.10.8aS Affected: 3.10.9S Affected: 3.10.10S Affected: 3.11.1S Affected: 3.11.2S Affected: 3.11.0S Affected: 3.11.3S Affected: 3.11.4S Affected: 3.12.0S Affected: 3.12.1S Affected: 3.12.2S Affected: 3.12.3S Affected: 3.12.0aS Affected: 3.12.4S Affected: 3.13.0S Affected: 3.13.1S Affected: 3.13.2S Affected: 3.13.3S Affected: 3.13.4S Affected: 3.13.5S Affected: 3.13.2aS Affected: 3.13.0aS Affected: 3.13.5aS Affected: 3.13.6S Affected: 3.13.7S Affected: 3.13.6aS Affected: 3.13.6bS Affected: 3.13.7aS Affected: 3.13.8S Affected: 3.6.0E Affected: 3.6.1E Affected: 3.6.0aE Affected: 3.6.0bE Affected: 3.6.2aE Affected: 3.6.2E Affected: 3.6.3E Affected: 3.6.4E Affected: 3.6.5E Affected: 3.6.6E Affected: 3.6.5aE Affected: 3.6.5bE Affected: 3.6.7E Affected: 3.6.7aE Affected: 3.6.7bE Affected: 3.14.0S Affected: 3.14.1S Affected: 3.14.2S Affected: 3.14.3S Affected: 3.14.4S Affected: 3.15.0S Affected: 3.15.1S Affected: 3.15.2S Affected: 3.15.1cS Affected: 3.15.3S Affected: 3.15.4S Affected: 3.7.0E Affected: 3.7.1E Affected: 3.7.2E Affected: 3.7.3E Affected: 3.7.4E Affected: 3.7.5E Affected: 3.16.0S Affected: 3.16.1S Affected: 3.16.0aS Affected: 3.16.1aS Affected: 3.16.2S Affected: 3.16.2aS Affected: 3.16.0bS Affected: 3.16.0cS Affected: 3.16.3S Affected: 3.16.2bS Affected: 3.16.3aS Affected: 3.16.4S Affected: 3.16.4aS Affected: 3.16.4bS Affected: 3.16.4gS Affected: 3.16.5S Affected: 3.16.4cS Affected: 3.16.4dS Affected: 3.16.4eS Affected: 3.16.6S Affected: 3.16.5aS Affected: 3.16.5bS Affected: 3.16.6bS Affected: 3.17.0S Affected: 3.17.1S Affected: 3.17.2S Affected: 3.17.1aS Affected: 3.17.3S Affected: 3.17.4S Affected: 16.1.1 Affected: 16.1.2 Affected: 16.1.3 Affected: 3.2.0JA Affected: 16.2.1 Affected: 16.2.2 Affected: 3.8.0E Affected: 3.8.1E Affected: 3.8.2E Affected: 3.8.3E Affected: 3.8.4E Affected: 3.8.5E Affected: 3.8.5aE Affected: 16.3.1 Affected: 16.3.2 Affected: 16.3.3 Affected: 16.3.1a Affected: 16.3.4 Affected: 16.4.1 Affected: 16.4.2 Affected: 16.5.1 Affected: 16.5.1a Affected: 16.5.1b Affected: 16.5.2 Affected: 16.5.3 Affected: 3.18.0aS Affected: 3.18.0S Affected: 3.18.1S Affected: 3.18.2S Affected: 3.18.3S Affected: 3.18.4S Affected: 3.18.0SP Affected: 3.18.1SP Affected: 3.18.1aSP Affected: 3.18.1gSP Affected: 3.18.1bSP Affected: 3.18.1cSP Affected: 3.18.2SP Affected: 3.18.1hSP Affected: 3.18.2aSP Affected: 3.18.1iSP Affected: 3.9.0E Affected: 3.9.1E Affected: 3.9.2E Affected: 3.9.2bE Affected: 16.6.1 Affected: 3.10.0E Affected: 3.10.0cE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190327 Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos"
},
{
"name": "107604",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107604"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1737",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:25:10.803665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:14:15.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS-XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.7.0S"
},
{
"status": "affected",
"version": "3.7.1S"
},
{
"status": "affected",
"version": "3.7.2S"
},
{
"status": "affected",
"version": "3.7.3S"
},
{
"status": "affected",
"version": "3.7.4S"
},
{
"status": "affected",
"version": "3.7.5S"
},
{
"status": "affected",
"version": "3.7.6S"
},
{
"status": "affected",
"version": "3.7.7S"
},
{
"status": "affected",
"version": "3.7.8S"
},
{
"status": "affected",
"version": "3.7.4aS"
},
{
"status": "affected",
"version": "3.7.2tS"
},
{
"status": "affected",
"version": "3.7.0bS"
},
{
"status": "affected",
"version": "3.7.1aS"
},
{
"status": "affected",
"version": "3.8.0S"
},
{
"status": "affected",
"version": "3.8.1S"
},
{
"status": "affected",
"version": "3.8.2S"
},
{
"status": "affected",
"version": "3.9.1S"
},
{
"status": "affected",
"version": "3.9.0S"
},
{
"status": "affected",
"version": "3.9.2S"
},
{
"status": "affected",
"version": "3.9.1aS"
},
{
"status": "affected",
"version": "3.9.0aS"
},
{
"status": "affected",
"version": "3.2.0SE"
},
{
"status": "affected",
"version": "3.2.1SE"
},
{
"status": "affected",
"version": "3.2.2SE"
},
{
"status": "affected",
"version": "3.2.3SE"
},
{
"status": "affected",
"version": "3.3.0SE"
},
{
"status": "affected",
"version": "3.3.1SE"
},
{
"status": "affected",
"version": "3.3.2SE"
},
{
"status": "affected",
"version": "3.3.3SE"
},
{
"status": "affected",
"version": "3.3.4SE"
},
{
"status": "affected",
"version": "3.3.5SE"
},
{
"status": "affected",
"version": "3.3.0XO"
},
{
"status": "affected",
"version": "3.3.1XO"
},
{
"status": "affected",
"version": "3.3.2XO"
},
{
"status": "affected",
"version": "3.4.0SG"
},
{
"status": "affected",
"version": "3.4.2SG"
},
{
"status": "affected",
"version": "3.4.1SG"
},
{
"status": "affected",
"version": "3.4.3SG"
},
{
"status": "affected",
"version": "3.4.4SG"
},
{
"status": "affected",
"version": "3.4.5SG"
},
{
"status": "affected",
"version": "3.4.6SG"
},
{
"status": "affected",
"version": "3.4.7SG"
},
{
"status": "affected",
"version": "3.4.8SG"
},
{
"status": "affected",
"version": "3.5.0E"
},
{
"status": "affected",
"version": "3.5.1E"
},
{
"status": "affected",
"version": "3.5.2E"
},
{
"status": "affected",
"version": "3.5.3E"
},
{
"status": "affected",
"version": "3.10.0S"
},
{
"status": "affected",
"version": "3.10.1S"
},
{
"status": "affected",
"version": "3.10.2S"
},
{
"status": "affected",
"version": "3.10.3S"
},
{
"status": "affected",
"version": "3.10.4S"
},
{
"status": "affected",
"version": "3.10.5S"
},
{
"status": "affected",
"version": "3.10.6S"
},
{
"status": "affected",
"version": "3.10.2aS"
},
{
"status": "affected",
"version": "3.10.2tS"
},
{
"status": "affected",
"version": "3.10.7S"
},
{
"status": "affected",
"version": "3.10.8S"
},
{
"status": "affected",
"version": "3.10.8aS"
},
{
"status": "affected",
"version": "3.10.9S"
},
{
"status": "affected",
"version": "3.10.10S"
},
{
"status": "affected",
"version": "3.11.1S"
},
{
"status": "affected",
"version": "3.11.2S"
},
{
"status": "affected",
"version": "3.11.0S"
},
{
"status": "affected",
"version": "3.11.3S"
},
{
"status": "affected",
"version": "3.11.4S"
},
{
"status": "affected",
"version": "3.12.0S"
},
{
"status": "affected",
"version": "3.12.1S"
},
{
"status": "affected",
"version": "3.12.2S"
},
{
"status": "affected",
"version": "3.12.3S"
},
{
"status": "affected",
"version": "3.12.0aS"
},
{
"status": "affected",
"version": "3.12.4S"
},
{
"status": "affected",
"version": "3.13.0S"
},
{
"status": "affected",
"version": "3.13.1S"
},
{
"status": "affected",
"version": "3.13.2S"
},
{
"status": "affected",
"version": "3.13.3S"
},
{
"status": "affected",
"version": "3.13.4S"
},
{
"status": "affected",
"version": "3.13.5S"
},
{
"status": "affected",
"version": "3.13.2aS"
},
{
"status": "affected",
"version": "3.13.0aS"
},
{
"status": "affected",
"version": "3.13.5aS"
},
{
"status": "affected",
"version": "3.13.6S"
},
{
"status": "affected",
"version": "3.13.7S"
},
{
"status": "affected",
"version": "3.13.6aS"
},
{
"status": "affected",
"version": "3.13.6bS"
},
{
"status": "affected",
"version": "3.13.7aS"
},
{
"status": "affected",
"version": "3.13.8S"
},
{
"status": "affected",
"version": "3.6.0E"
},
{
"status": "affected",
"version": "3.6.1E"
},
{
"status": "affected",
"version": "3.6.0aE"
},
{
"status": "affected",
"version": "3.6.0bE"
},
{
"status": "affected",
"version": "3.6.2aE"
},
{
"status": "affected",
"version": "3.6.2E"
},
{
"status": "affected",
"version": "3.6.3E"
},
{
"status": "affected",
"version": "3.6.4E"
},
{
"status": "affected",
"version": "3.6.5E"
},
{
"status": "affected",
"version": "3.6.6E"
},
{
"status": "affected",
"version": "3.6.5aE"
},
{
"status": "affected",
"version": "3.6.5bE"
},
{
"status": "affected",
"version": "3.6.7E"
},
{
"status": "affected",
"version": "3.6.7aE"
},
{
"status": "affected",
"version": "3.6.7bE"
},
{
"status": "affected",
"version": "3.14.0S"
},
{
"status": "affected",
"version": "3.14.1S"
},
{
"status": "affected",
"version": "3.14.2S"
},
{
"status": "affected",
"version": "3.14.3S"
},
{
"status": "affected",
"version": "3.14.4S"
},
{
"status": "affected",
"version": "3.15.0S"
},
{
"status": "affected",
"version": "3.15.1S"
},
{
"status": "affected",
"version": "3.15.2S"
},
{
"status": "affected",
"version": "3.15.1cS"
},
{
"status": "affected",
"version": "3.15.3S"
},
{
"status": "affected",
"version": "3.15.4S"
},
{
"status": "affected",
"version": "3.7.0E"
},
{
"status": "affected",
"version": "3.7.1E"
},
{
"status": "affected",
"version": "3.7.2E"
},
{
"status": "affected",
"version": "3.7.3E"
},
{
"status": "affected",
"version": "3.7.4E"
},
{
"status": "affected",
"version": "3.7.5E"
},
{
"status": "affected",
"version": "3.16.0S"
},
{
"status": "affected",
"version": "3.16.1S"
},
{
"status": "affected",
"version": "3.16.0aS"
},
{
"status": "affected",
"version": "3.16.1aS"
},
{
"status": "affected",
"version": "3.16.2S"
},
{
"status": "affected",
"version": "3.16.2aS"
},
{
"status": "affected",
"version": "3.16.0bS"
},
{
"status": "affected",
"version": "3.16.0cS"
},
{
"status": "affected",
"version": "3.16.3S"
},
{
"status": "affected",
"version": "3.16.2bS"
},
{
"status": "affected",
"version": "3.16.3aS"
},
{
"status": "affected",
"version": "3.16.4S"
},
{
"status": "affected",
"version": "3.16.4aS"
},
{
"status": "affected",
"version": "3.16.4bS"
},
{
"status": "affected",
"version": "3.16.4gS"
},
{
"status": "affected",
"version": "3.16.5S"
},
{
"status": "affected",
"version": "3.16.4cS"
},
{
"status": "affected",
"version": "3.16.4dS"
},
{
"status": "affected",
"version": "3.16.4eS"
},
{
"status": "affected",
"version": "3.16.6S"
},
{
"status": "affected",
"version": "3.16.5aS"
},
{
"status": "affected",
"version": "3.16.5bS"
},
{
"status": "affected",
"version": "3.16.6bS"
},
{
"status": "affected",
"version": "3.17.0S"
},
{
"status": "affected",
"version": "3.17.1S"
},
{
"status": "affected",
"version": "3.17.2S"
},
{
"status": "affected",
"version": "3.17.1aS"
},
{
"status": "affected",
"version": "3.17.3S"
},
{
"status": "affected",
"version": "3.17.4S"
},
{
"status": "affected",
"version": "16.1.1"
},
{
"status": "affected",
"version": "16.1.2"
},
{
"status": "affected",
"version": "16.1.3"
},
{
"status": "affected",
"version": "3.2.0JA"
},
{
"status": "affected",
"version": "16.2.1"
},
{
"status": "affected",
"version": "16.2.2"
},
{
"status": "affected",
"version": "3.8.0E"
},
{
"status": "affected",
"version": "3.8.1E"
},
{
"status": "affected",
"version": "3.8.2E"
},
{
"status": "affected",
"version": "3.8.3E"
},
{
"status": "affected",
"version": "3.8.4E"
},
{
"status": "affected",
"version": "3.8.5E"
},
{
"status": "affected",
"version": "3.8.5aE"
},
{
"status": "affected",
"version": "16.3.1"
},
{
"status": "affected",
"version": "16.3.2"
},
{
"status": "affected",
"version": "16.3.3"
},
{
"status": "affected",
"version": "16.3.1a"
},
{
"status": "affected",
"version": "16.3.4"
},
{
"status": "affected",
"version": "16.4.1"
},
{
"status": "affected",
"version": "16.4.2"
},
{
"status": "affected",
"version": "16.5.1"
},
{
"status": "affected",
"version": "16.5.1a"
},
{
"status": "affected",
"version": "16.5.1b"
},
{
"status": "affected",
"version": "16.5.2"
},
{
"status": "affected",
"version": "16.5.3"
},
{
"status": "affected",
"version": "3.18.0aS"
},
{
"status": "affected",
"version": "3.18.0S"
},
{
"status": "affected",
"version": "3.18.1S"
},
{
"status": "affected",
"version": "3.18.2S"
},
{
"status": "affected",
"version": "3.18.3S"
},
{
"status": "affected",
"version": "3.18.4S"
},
{
"status": "affected",
"version": "3.18.0SP"
},
{
"status": "affected",
"version": "3.18.1SP"
},
{
"status": "affected",
"version": "3.18.1aSP"
},
{
"status": "affected",
"version": "3.18.1gSP"
},
{
"status": "affected",
"version": "3.18.1bSP"
},
{
"status": "affected",
"version": "3.18.1cSP"
},
{
"status": "affected",
"version": "3.18.2SP"
},
{
"status": "affected",
"version": "3.18.1hSP"
},
{
"status": "affected",
"version": "3.18.2aSP"
},
{
"status": "affected",
"version": "3.18.1iSP"
},
{
"status": "affected",
"version": "3.9.0E"
},
{
"status": "affected",
"version": "3.9.1E"
},
{
"status": "affected",
"version": "3.9.2E"
},
{
"status": "affected",
"version": "3.9.2bE"
},
{
"status": "affected",
"version": "16.6.1"
},
{
"status": "affected",
"version": "3.10.0E"
},
{
"status": "affected",
"version": "3.10.0cE"
}
]
}
],
"datePublic": "2019-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA responder application code. An attacker could exploit this vulnerability by sending crafted IP SLA packets to an affected device. An exploit could allow the attacker to cause an interface to become wedged, resulting in an eventual denial of service (DoS) condition on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-28T11:06:06",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190327 Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos"
},
{
"name": "107604",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107604"
}
],
"source": {
"advisory": "cisco-sa-20190327-ipsla-dos",
"defect": [
[
"CSCvf37838"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-27T16:00:00-0700",
"ID": "CVE-2019-1737",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS-XE Software",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.7.0S"
},
{
"version_affected": "=",
"version_value": "3.7.1S"
},
{
"version_affected": "=",
"version_value": "3.7.2S"
},
{
"version_affected": "=",
"version_value": "3.7.3S"
},
{
"version_affected": "=",
"version_value": "3.7.4S"
},
{
"version_affected": "=",
"version_value": "3.7.5S"
},
{
"version_affected": "=",
"version_value": "3.7.6S"
},
{
"version_affected": "=",
"version_value": "3.7.7S"
},
{
"version_affected": "=",
"version_value": "3.7.8S"
},
{
"version_affected": "=",
"version_value": "3.7.4aS"
},
{
"version_affected": "=",
"version_value": "3.7.2tS"
},
{
"version_affected": "=",
"version_value": "3.7.0bS"
},
{
"version_affected": "=",
"version_value": "3.7.1aS"
},
{
"version_affected": "=",
"version_value": "3.8.0S"
},
{
"version_affected": "=",
"version_value": "3.8.1S"
},
{
"version_affected": "=",
"version_value": "3.8.2S"
},
{
"version_affected": "=",
"version_value": "3.9.1S"
},
{
"version_affected": "=",
"version_value": "3.9.0S"
},
{
"version_affected": "=",
"version_value": "3.9.2S"
},
{
"version_affected": "=",
"version_value": "3.9.1aS"
},
{
"version_affected": "=",
"version_value": "3.9.0aS"
},
{
"version_affected": "=",
"version_value": "3.2.0SE"
},
{
"version_affected": "=",
"version_value": "3.2.1SE"
},
{
"version_affected": "=",
"version_value": "3.2.2SE"
},
{
"version_affected": "=",
"version_value": "3.2.3SE"
},
{
"version_affected": "=",
"version_value": "3.3.0SE"
},
{
"version_affected": "=",
"version_value": "3.3.1SE"
},
{
"version_affected": "=",
"version_value": "3.3.2SE"
},
{
"version_affected": "=",
"version_value": "3.3.3SE"
},
{
"version_affected": "=",
"version_value": "3.3.4SE"
},
{
"version_affected": "=",
"version_value": "3.3.5SE"
},
{
"version_affected": "=",
"version_value": "3.3.0XO"
},
{
"version_affected": "=",
"version_value": "3.3.1XO"
},
{
"version_affected": "=",
"version_value": "3.3.2XO"
},
{
"version_affected": "=",
"version_value": "3.4.0SG"
},
{
"version_affected": "=",
"version_value": "3.4.2SG"
},
{
"version_affected": "=",
"version_value": "3.4.1SG"
},
{
"version_affected": "=",
"version_value": "3.4.3SG"
},
{
"version_affected": "=",
"version_value": "3.4.4SG"
},
{
"version_affected": "=",
"version_value": "3.4.5SG"
},
{
"version_affected": "=",
"version_value": "3.4.6SG"
},
{
"version_affected": "=",
"version_value": "3.4.7SG"
},
{
"version_affected": "=",
"version_value": "3.4.8SG"
},
{
"version_affected": "=",
"version_value": "3.5.0E"
},
{
"version_affected": "=",
"version_value": "3.5.1E"
},
{
"version_affected": "=",
"version_value": "3.5.2E"
},
{
"version_affected": "=",
"version_value": "3.5.3E"
},
{
"version_affected": "=",
"version_value": "3.10.0S"
},
{
"version_affected": "=",
"version_value": "3.10.1S"
},
{
"version_affected": "=",
"version_value": "3.10.2S"
},
{
"version_affected": "=",
"version_value": "3.10.3S"
},
{
"version_affected": "=",
"version_value": "3.10.4S"
},
{
"version_affected": "=",
"version_value": "3.10.5S"
},
{
"version_affected": "=",
"version_value": "3.10.6S"
},
{
"version_affected": "=",
"version_value": "3.10.2aS"
},
{
"version_affected": "=",
"version_value": "3.10.2tS"
},
{
"version_affected": "=",
"version_value": "3.10.7S"
},
{
"version_affected": "=",
"version_value": "3.10.8S"
},
{
"version_affected": "=",
"version_value": "3.10.8aS"
},
{
"version_affected": "=",
"version_value": "3.10.9S"
},
{
"version_affected": "=",
"version_value": "3.10.10S"
},
{
"version_affected": "=",
"version_value": "3.11.1S"
},
{
"version_affected": "=",
"version_value": "3.11.2S"
},
{
"version_affected": "=",
"version_value": "3.11.0S"
},
{
"version_affected": "=",
"version_value": "3.11.3S"
},
{
"version_affected": "=",
"version_value": "3.11.4S"
},
{
"version_affected": "=",
"version_value": "3.12.0S"
},
{
"version_affected": "=",
"version_value": "3.12.1S"
},
{
"version_affected": "=",
"version_value": "3.12.2S"
},
{
"version_affected": "=",
"version_value": "3.12.3S"
},
{
"version_affected": "=",
"version_value": "3.12.0aS"
},
{
"version_affected": "=",
"version_value": "3.12.4S"
},
{
"version_affected": "=",
"version_value": "3.13.0S"
},
{
"version_affected": "=",
"version_value": "3.13.1S"
},
{
"version_affected": "=",
"version_value": "3.13.2S"
},
{
"version_affected": "=",
"version_value": "3.13.3S"
},
{
"version_affected": "=",
"version_value": "3.13.4S"
},
{
"version_affected": "=",
"version_value": "3.13.5S"
},
{
"version_affected": "=",
"version_value": "3.13.2aS"
},
{
"version_affected": "=",
"version_value": "3.13.0aS"
},
{
"version_affected": "=",
"version_value": "3.13.5aS"
},
{
"version_affected": "=",
"version_value": "3.13.6S"
},
{
"version_affected": "=",
"version_value": "3.13.7S"
},
{
"version_affected": "=",
"version_value": "3.13.6aS"
},
{
"version_affected": "=",
"version_value": "3.13.6bS"
},
{
"version_affected": "=",
"version_value": "3.13.7aS"
},
{
"version_affected": "=",
"version_value": "3.13.8S"
},
{
"version_affected": "=",
"version_value": "3.6.0E"
},
{
"version_affected": "=",
"version_value": "3.6.1E"
},
{
"version_affected": "=",
"version_value": "3.6.0aE"
},
{
"version_affected": "=",
"version_value": "3.6.0bE"
},
{
"version_affected": "=",
"version_value": "3.6.2aE"
},
{
"version_affected": "=",
"version_value": "3.6.2E"
},
{
"version_affected": "=",
"version_value": "3.6.3E"
},
{
"version_affected": "=",
"version_value": "3.6.4E"
},
{
"version_affected": "=",
"version_value": "3.6.5E"
},
{
"version_affected": "=",
"version_value": "3.6.6E"
},
{
"version_affected": "=",
"version_value": "3.6.5aE"
},
{
"version_affected": "=",
"version_value": "3.6.5bE"
},
{
"version_affected": "=",
"version_value": "3.6.7E"
},
{
"version_affected": "=",
"version_value": "3.6.7aE"
},
{
"version_affected": "=",
"version_value": "3.6.7bE"
},
{
"version_affected": "=",
"version_value": "3.14.0S"
},
{
"version_affected": "=",
"version_value": "3.14.1S"
},
{
"version_affected": "=",
"version_value": "3.14.2S"
},
{
"version_affected": "=",
"version_value": "3.14.3S"
},
{
"version_affected": "=",
"version_value": "3.14.4S"
},
{
"version_affected": "=",
"version_value": "3.15.0S"
},
{
"version_affected": "=",
"version_value": "3.15.1S"
},
{
"version_affected": "=",
"version_value": "3.15.2S"
},
{
"version_affected": "=",
"version_value": "3.15.1cS"
},
{
"version_affected": "=",
"version_value": "3.15.3S"
},
{
"version_affected": "=",
"version_value": "3.15.4S"
},
{
"version_affected": "=",
"version_value": "3.7.0E"
},
{
"version_affected": "=",
"version_value": "3.7.1E"
},
{
"version_affected": "=",
"version_value": "3.7.2E"
},
{
"version_affected": "=",
"version_value": "3.7.3E"
},
{
"version_affected": "=",
"version_value": "3.7.4E"
},
{
"version_affected": "=",
"version_value": "3.7.5E"
},
{
"version_affected": "=",
"version_value": "3.16.0S"
},
{
"version_affected": "=",
"version_value": "3.16.1S"
},
{
"version_affected": "=",
"version_value": "3.16.0aS"
},
{
"version_affected": "=",
"version_value": "3.16.1aS"
},
{
"version_affected": "=",
"version_value": "3.16.2S"
},
{
"version_affected": "=",
"version_value": "3.16.2aS"
},
{
"version_affected": "=",
"version_value": "3.16.0bS"
},
{
"version_affected": "=",
"version_value": "3.16.0cS"
},
{
"version_affected": "=",
"version_value": "3.16.3S"
},
{
"version_affected": "=",
"version_value": "3.16.2bS"
},
{
"version_affected": "=",
"version_value": "3.16.3aS"
},
{
"version_affected": "=",
"version_value": "3.16.4S"
},
{
"version_affected": "=",
"version_value": "3.16.4aS"
},
{
"version_affected": "=",
"version_value": "3.16.4bS"
},
{
"version_affected": "=",
"version_value": "3.16.4gS"
},
{
"version_affected": "=",
"version_value": "3.16.5S"
},
{
"version_affected": "=",
"version_value": "3.16.4cS"
},
{
"version_affected": "=",
"version_value": "3.16.4dS"
},
{
"version_affected": "=",
"version_value": "3.16.4eS"
},
{
"version_affected": "=",
"version_value": "3.16.6S"
},
{
"version_affected": "=",
"version_value": "3.16.5aS"
},
{
"version_affected": "=",
"version_value": "3.16.5bS"
},
{
"version_affected": "=",
"version_value": "3.16.6bS"
},
{
"version_affected": "=",
"version_value": "3.17.0S"
},
{
"version_affected": "=",
"version_value": "3.17.1S"
},
{
"version_affected": "=",
"version_value": "3.17.2S"
},
{
"version_affected": "=",
"version_value": "3.17.1aS"
},
{
"version_affected": "=",
"version_value": "3.17.3S"
},
{
"version_affected": "=",
"version_value": "3.17.4S"
},
{
"version_affected": "=",
"version_value": "16.1.1"
},
{
"version_affected": "=",
"version_value": "16.1.2"
},
{
"version_affected": "=",
"version_value": "16.1.3"
},
{
"version_affected": "=",
"version_value": "3.2.0JA"
},
{
"version_affected": "=",
"version_value": "16.2.1"
},
{
"version_affected": "=",
"version_value": "16.2.2"
},
{
"version_affected": "=",
"version_value": "3.8.0E"
},
{
"version_affected": "=",
"version_value": "3.8.1E"
},
{
"version_affected": "=",
"version_value": "3.8.2E"
},
{
"version_affected": "=",
"version_value": "3.8.3E"
},
{
"version_affected": "=",
"version_value": "3.8.4E"
},
{
"version_affected": "=",
"version_value": "3.8.5E"
},
{
"version_affected": "=",
"version_value": "3.8.5aE"
},
{
"version_affected": "=",
"version_value": "16.3.1"
},
{
"version_affected": "=",
"version_value": "16.3.2"
},
{
"version_affected": "=",
"version_value": "16.3.3"
},
{
"version_affected": "=",
"version_value": "16.3.1a"
},
{
"version_affected": "=",
"version_value": "16.3.4"
},
{
"version_affected": "=",
"version_value": "16.4.1"
},
{
"version_affected": "=",
"version_value": "16.4.2"
},
{
"version_affected": "=",
"version_value": "16.5.1"
},
{
"version_affected": "=",
"version_value": "16.5.1a"
},
{
"version_affected": "=",
"version_value": "16.5.1b"
},
{
"version_affected": "=",
"version_value": "16.5.2"
},
{
"version_affected": "=",
"version_value": "16.5.3"
},
{
"version_affected": "=",
"version_value": "3.18.0aS"
},
{
"version_affected": "=",
"version_value": "3.18.0S"
},
{
"version_affected": "=",
"version_value": "3.18.1S"
},
{
"version_affected": "=",
"version_value": "3.18.2S"
},
{
"version_affected": "=",
"version_value": "3.18.3S"
},
{
"version_affected": "=",
"version_value": "3.18.4S"
},
{
"version_affected": "=",
"version_value": "3.18.0SP"
},
{
"version_affected": "=",
"version_value": "3.18.1SP"
},
{
"version_affected": "=",
"version_value": "3.18.1aSP"
},
{
"version_affected": "=",
"version_value": "3.18.1gSP"
},
{
"version_affected": "=",
"version_value": "3.18.1bSP"
},
{
"version_affected": "=",
"version_value": "3.18.1cSP"
},
{
"version_affected": "=",
"version_value": "3.18.2SP"
},
{
"version_affected": "=",
"version_value": "3.18.1hSP"
},
{
"version_affected": "=",
"version_value": "3.18.2aSP"
},
{
"version_affected": "=",
"version_value": "3.18.1iSP"
},
{
"version_affected": "=",
"version_value": "3.9.0E"
},
{
"version_affected": "=",
"version_value": "3.9.1E"
},
{
"version_affected": "=",
"version_value": "3.9.2E"
},
{
"version_affected": "=",
"version_value": "3.9.2bE"
},
{
"version_affected": "=",
"version_value": "16.6.1"
},
{
"version_affected": "=",
"version_value": "3.10.0E"
},
{
"version_affected": "=",
"version_value": "3.10.0cE"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA responder application code. An attacker could exploit this vulnerability by sending crafted IP SLA packets to an affected device. An exploit could allow the attacker to cause an interface to become wedged, resulting in an eventual denial of service (DoS) condition on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190327 Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos"
},
{
"name": "107604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107604"
}
]
},
"source": {
"advisory": "cisco-sa-20190327-ipsla-dos",
"defect": [
[
"CSCvf37838"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1737",
"datePublished": "2019-03-27T23:05:13.764715Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:14:15.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…