Vulnerability-Lookup

CVE-2019-12653 (GCVE-0-2019-12653)

Vulnerability from cvelistv5 – Published: 2019-09-25 20:15 – Updated: 2024-11-19 18:56

Title

Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability

Summary

Severity ?

8.6 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Assigner

cisco

References

URL

Tags

https://tools.cisco.com/security/center/content/C…

vendor-advisoryx_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco IOS XE Software	Affected: unspecified , < n/a (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.243Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190925 Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12653",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:23:04.379799Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:56:20.282Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-25T20:15:33",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190925 Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190925-rawtcp-dos",
        "defect": [
          [
            "CSCvj91021"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-09-25T16:00:00-0700",
          "ID": "CVE-2019-12653",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XE Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190925 Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190925-rawtcp-dos",
          "defect": [
            [
              "CSCvj91021"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12653",
    "datePublished": "2019-09-25T20:15:33.350896Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-19T18:56:20.282Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D42A82B-7241-4564-BCC1-9C4E7EB18881\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB6BD18B-B9BD-452F-986E-16A6668E46B6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70352B04-C3FD-47F5-A2F8-691CF63EB50D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE063AF2-5579-4D7E-8829-9102FC7CB994\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51938C0A-AFDB-4B12-BB64-9C67FC0C738F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A18E4A46-10D3-48F8-9E92-377ACA447257\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67D5E61B-9F17-4C56-A1BB-3EE08CB62C53\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la funcionalidad Raw Socket Transport del software Cisco IOS XE, podr\\u00eda permitir a un atacante remoto no autenticado desencadenar una recarga de un dispositivo afectado, resultando en una condici\\u00f3n de denegaci\\u00f3n de servicio (DoS). La vulnerabilidad es debido al an\\u00e1lisis inapropiado de las cargas \\u00fatiles de Raw Socket Transport. Un atacante podr\\u00eda explotar esta vulnerabilidad al establecer una sesi\\u00f3n TCP y entonces enviar un segmento TCP malicioso por medio de IPv4 hacia un dispositivo afectado. Esto no puede ser explotado por medio de IPv6, ya que la funci\\u00f3n de Raw Socket Transport no admite IPv6 como protocolo de capa de red.\"}]",
      "id": "CVE-2019-12653",
      "lastModified": "2024-11-21T04:23:16.193",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-09-25T21:15:10.657",
      "references": "[{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-12653\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2019-09-25T21:15:10.657\",\"lastModified\":\"2024-11-21T04:23:16.193\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad Raw Socket Transport del software Cisco IOS XE, podr\u00eda permitir a un atacante remoto no autenticado desencadenar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido al an\u00e1lisis inapropiado de las cargas \u00fatiles de Raw Socket Transport. Un atacante podr\u00eda explotar esta vulnerabilidad al establecer una sesi\u00f3n TCP y entonces enviar un segmento TCP malicioso por medio de IPv4 hacia un dispositivo afectado. Esto no puede ser explotado por medio de IPv6, ya que la funci\u00f3n de Raw Socket Transport no admite IPv6 como protocolo de capa de red.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D42A82B-7241-4564-BCC1-9C4E7EB18881\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB6BD18B-B9BD-452F-986E-16A6668E46B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70352B04-C3FD-47F5-A2F8-691CF63EB50D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE063AF2-5579-4D7E-8829-9102FC7CB994\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51938C0A-AFDB-4B12-BB64-9C67FC0C738F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A18E4A46-10D3-48F8-9E92-377ACA447257\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67D5E61B-9F17-4C56-A1BB-3EE08CB62C53\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos\", \"name\": \"20190925 Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T23:24:39.243Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-12653\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-19T17:23:04.379799Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-19T17:23:33.348Z\"}}], \"cna\": {\"title\": \"Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability\", \"source\": {\"defect\": [[\"CSCvj91021\"]], \"advisory\": \"cisco-sa-20190925-rawtcp-dos\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 8.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XE Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"n/a\", \"versionType\": \"custom\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2019-09-25T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos\", \"name\": \"20190925 Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2019-09-25T20:15:33\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"8.6\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\"}}, \"source\": {\"defect\": [[\"CSCvj91021\"]], \"advisory\": \"cisco-sa-20190925-rawtcp-dos\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"affected\": \"\u003c\", \"version_value\": \"n/a\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Cisco IOS XE Software\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos\", \"name\": \"20190925 Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-12653\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2019-09-25T16:00:00-0700\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-12653\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-19T18:56:20.282Z\", \"dateReserved\": \"2019-06-04T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2019-09-25T20:15:33.350896Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2019-AVI-468

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS	Cisco IOS Gateways with Session Initiation Protocol (SIP)
Cisco	N/A	Cisco Business Edition 4000 (BE4K)
Cisco	N/A	Cisco Catalyst 4500 Supervisor Engine 6L-E
Cisco	N/A	Cisco Cloud Services Router (CSR) 1000V Series
Cisco	N/A	Cisco Enterprise Network Compute System (ENCS)
Cisco	N/A	Cisco TDM Gateways
Cisco	N/A	Cisco Catalyst 4948E-F Ethernet Switch
Cisco	N/A	Cisco Catalyst 4500 Supervisor Engine 6-E
Cisco	N/A	Cisco Unified Survivable Remote Site Telephony (SRST)
Cisco	N/A	Cisco Catalyst 4948E Ethernet Switch
Cisco	IOS XE	Cisco ASR 900 Series routers avec Cisco IOS XE version 16.9 configuré en tant que serveur Raw Socket TCP
Cisco	IOS	Cisco Industrial Ethernet 4000 Series Switches: Cisco IOS Software versions antérieures à 15.2(7)E
Cisco	N/A	Cisco 800 Series Industrial Integrated Services Routers et Cisco 1000 Series Connected Grid Routers (CGR 1000)
Cisco	N/A	Cisco Unified Border Element (CUBE)
Cisco	IOS XE	Cisco IOS et IOS XE (voir sur le site du constructeur pour les versions vulnérables)
Cisco	N/A	Cisco Catalyst 4900M Switch
Cisco	N/A	Cisco IC3000 Industrial Compute Gateway: Industrial Compute Gateway Software versions antérieures à 1.1.1
Cisco	N/A	Cisco CGR 1000 Compute Module: CGR 1000 IOx Compute Platform Firmware
Cisco	N/A	Cisco Integrated Services Virtual Router (ISRv)
Cisco	N/A	Cisco Catalyst 3850 et 9300 Series Switches
Cisco	N/A	Cisco 1100, 4200 et 4300 Integrated Services Routers (ISRs)
Cisco	Unified Communications Manager	Cisco Unified Communications Manager Express (CME)
Cisco	N/A	Cisco 510 WPAN Industrial Router: Industrial Routers Operating System Software versions antérieures à 6.1.27

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20190925-identd-dos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-webui-cmd-injection du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-iox du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-rawtcp-dos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-ios-gos-auth du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-cat4000-tcp-dos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-iosxe-fsdos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-ftp du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-utd du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-iosxe-digsig-bypass du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-sip-dos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-sip-alg du 25 septembre 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco IOS Gateways with Session Initiation Protocol (SIP)",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Business Edition 4000 (BE4K)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4500 Supervisor Engine 6L-E",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Cloud Services Router (CSR) 1000V Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Enterprise Network Compute System (ENCS)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco TDM Gateways",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4948E-F Ethernet Switch",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4500 Supervisor Engine 6-E",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Survivable Remote Site Telephony (SRST)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4948E Ethernet Switch",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASR 900 Series routers avec Cisco IOS XE version 16.9 configur\u00e9 en tant que serveur Raw Socket TCP",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Industrial Ethernet 4000 Series Switches: Cisco IOS Software versions ant\u00e9rieures \u00e0 15.2(7)E",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco 800 Series Industrial Integrated Services Routers et Cisco 1000 Series Connected Grid Routers (CGR 1000)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Border Element (CUBE)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS et IOS XE (voir sur le site du constructeur pour les versions vuln\u00e9rables)",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4900M Switch",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IC3000 Industrial Compute Gateway: Industrial Compute Gateway Software versions ant\u00e9rieures \u00e0 1.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco CGR 1000 Compute Module: CGR 1000 IOx Compute Platform Firmware",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Integrated Services Virtual Router (ISRv)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 3850 et 9300 Series Switches",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco 1100, 4200 et 4300 Integrated Services Routers (ISRs)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Communications Manager Express (CME)",
      "product": {
        "name": "Unified Communications Manager",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco 510 WPAN Industrial Router: Industrial Routers Operating System Software versions ant\u00e9rieures \u00e0 6.1.27",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-12656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12656"
    },
    {
      "name": "CVE-2019-12650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12650"
    },
    {
      "name": "CVE-2019-12648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12648"
    },
    {
      "name": "CVE-2019-12657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12657"
    },
    {
      "name": "CVE-2019-12649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12649"
    },
    {
      "name": "CVE-2019-12651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12651"
    },
    {
      "name": "CVE-2019-12655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12655"
    },
    {
      "name": "CVE-2019-12653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12653"
    },
    {
      "name": "CVE-2019-12646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12646"
    },
    {
      "name": "CVE-2019-12652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12652"
    },
    {
      "name": "CVE-2019-12647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12647"
    },
    {
      "name": "CVE-2019-12658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12658"
    },
    {
      "name": "CVE-2019-12654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12654"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-468",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-09-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement\nde la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-identd-dos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-webui-cmd-injection du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-iox du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iox"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-rawtcp-dos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-ios-gos-auth du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-cat4000-tcp-dos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-cat4000-tcp-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-iosxe-fsdos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-fsdos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-ftp du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ftp"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-utd du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-utd"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-iosxe-digsig-bypass du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-digsig-bypass"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-sip-dos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-sip-alg du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg"
    }
  ]
}

CERTFR-2019-AVI-468

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS	Cisco IOS Gateways with Session Initiation Protocol (SIP)
Cisco	N/A	Cisco Business Edition 4000 (BE4K)
Cisco	N/A	Cisco Catalyst 4500 Supervisor Engine 6L-E
Cisco	N/A	Cisco Cloud Services Router (CSR) 1000V Series
Cisco	N/A	Cisco Enterprise Network Compute System (ENCS)
Cisco	N/A	Cisco TDM Gateways
Cisco	N/A	Cisco Catalyst 4948E-F Ethernet Switch
Cisco	N/A	Cisco Catalyst 4500 Supervisor Engine 6-E
Cisco	N/A	Cisco Unified Survivable Remote Site Telephony (SRST)
Cisco	N/A	Cisco Catalyst 4948E Ethernet Switch
Cisco	IOS XE	Cisco ASR 900 Series routers avec Cisco IOS XE version 16.9 configuré en tant que serveur Raw Socket TCP
Cisco	IOS	Cisco Industrial Ethernet 4000 Series Switches: Cisco IOS Software versions antérieures à 15.2(7)E
Cisco	N/A	Cisco 800 Series Industrial Integrated Services Routers et Cisco 1000 Series Connected Grid Routers (CGR 1000)
Cisco	N/A	Cisco Unified Border Element (CUBE)
Cisco	IOS XE	Cisco IOS et IOS XE (voir sur le site du constructeur pour les versions vulnérables)
Cisco	N/A	Cisco Catalyst 4900M Switch
Cisco	N/A	Cisco IC3000 Industrial Compute Gateway: Industrial Compute Gateway Software versions antérieures à 1.1.1
Cisco	N/A	Cisco CGR 1000 Compute Module: CGR 1000 IOx Compute Platform Firmware
Cisco	N/A	Cisco Integrated Services Virtual Router (ISRv)
Cisco	N/A	Cisco Catalyst 3850 et 9300 Series Switches
Cisco	N/A	Cisco 1100, 4200 et 4300 Integrated Services Routers (ISRs)
Cisco	Unified Communications Manager	Cisco Unified Communications Manager Express (CME)
Cisco	N/A	Cisco 510 WPAN Industrial Router: Industrial Routers Operating System Software versions antérieures à 6.1.27

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20190925-identd-dos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-webui-cmd-injection du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-iox du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-rawtcp-dos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-ios-gos-auth du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-cat4000-tcp-dos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-iosxe-fsdos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-ftp du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-utd du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-iosxe-digsig-bypass du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-sip-dos du 25 septembre 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190925-sip-alg du 25 septembre 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco IOS Gateways with Session Initiation Protocol (SIP)",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Business Edition 4000 (BE4K)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4500 Supervisor Engine 6L-E",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Cloud Services Router (CSR) 1000V Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Enterprise Network Compute System (ENCS)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco TDM Gateways",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4948E-F Ethernet Switch",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4500 Supervisor Engine 6-E",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Survivable Remote Site Telephony (SRST)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4948E Ethernet Switch",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASR 900 Series routers avec Cisco IOS XE version 16.9 configur\u00e9 en tant que serveur Raw Socket TCP",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Industrial Ethernet 4000 Series Switches: Cisco IOS Software versions ant\u00e9rieures \u00e0 15.2(7)E",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco 800 Series Industrial Integrated Services Routers et Cisco 1000 Series Connected Grid Routers (CGR 1000)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Border Element (CUBE)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS et IOS XE (voir sur le site du constructeur pour les versions vuln\u00e9rables)",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 4900M Switch",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IC3000 Industrial Compute Gateway: Industrial Compute Gateway Software versions ant\u00e9rieures \u00e0 1.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco CGR 1000 Compute Module: CGR 1000 IOx Compute Platform Firmware",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Integrated Services Virtual Router (ISRv)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 3850 et 9300 Series Switches",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco 1100, 4200 et 4300 Integrated Services Routers (ISRs)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Communications Manager Express (CME)",
      "product": {
        "name": "Unified Communications Manager",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco 510 WPAN Industrial Router: Industrial Routers Operating System Software versions ant\u00e9rieures \u00e0 6.1.27",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-12656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12656"
    },
    {
      "name": "CVE-2019-12650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12650"
    },
    {
      "name": "CVE-2019-12648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12648"
    },
    {
      "name": "CVE-2019-12657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12657"
    },
    {
      "name": "CVE-2019-12649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12649"
    },
    {
      "name": "CVE-2019-12651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12651"
    },
    {
      "name": "CVE-2019-12655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12655"
    },
    {
      "name": "CVE-2019-12653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12653"
    },
    {
      "name": "CVE-2019-12646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12646"
    },
    {
      "name": "CVE-2019-12652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12652"
    },
    {
      "name": "CVE-2019-12647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12647"
    },
    {
      "name": "CVE-2019-12658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12658"
    },
    {
      "name": "CVE-2019-12654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12654"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-468",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-09-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement\nde la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-identd-dos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-webui-cmd-injection du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-iox du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iox"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-rawtcp-dos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-ios-gos-auth du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-cat4000-tcp-dos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-cat4000-tcp-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-iosxe-fsdos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-fsdos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-ftp du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ftp"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-utd du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-utd"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-iosxe-digsig-bypass du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-digsig-bypass"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-sip-dos du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190925-sip-alg du 25 septembre 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg"
    }
  ]
}

GSD-2019-12653

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-12653

Aliases

CVE-2019-12653

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-12653",
    "description": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.",
    "id": "GSD-2019-12653"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-12653"
      ],
      "details": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.",
      "id": "GSD-2019-12653",
      "modified": "2023-12-13T01:23:43.776299Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2019-09-25T16:00:00-0700",
        "ID": "CVE-2019-12653",
        "STATE": "PUBLIC",
        "TITLE": "Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco IOS XE Software ",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "impact": {
        "cvss": {
          "baseScore": "8.6",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20190925 Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-20190925-rawtcp-dos",
        "defect": [
          [
            "CSCvj91021"
          ]
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2019-12653"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190925 Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-09T23:45Z",
      "publishedDate": "2019-09-25T21:15Z"
    }
  }
}

VAR-201909-0163

Vulnerability from variot - Updated: 2023-12-18 11:59

A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol. Cisco IOS XE The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco ASR 900 is a 900 series aggregation service router of Cisco Company in the United States. Cisco IOS XE is an operating system developed for Cisco network equipment. The TCP fragment exploited this vulnerability to cause a denial of service

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0163",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "cisco",
        "version": "16.9"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "16.10.1"
      },
      {
        "model": "ios xe",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "asr 902u",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "asr 907",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "asr 914",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "asr 902",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "asr 903",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      }
    ]
  },
  "cve": "CVE-2019-12653",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-12653",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-34373",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-144421",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ykramarz@cisco.com",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-12653",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-12653",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "ykramarz@cisco.com",
            "id": "CVE-2019-12653",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-34373",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201909-1193",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-144421",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "VULHUB",
        "id": "VHN-144421"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol. Cisco IOS XE The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco ASR 900 is a 900 series aggregation service router of Cisco Company in the United States. Cisco IOS XE is an operating system developed for Cisco network equipment. The TCP fragment exploited this vulnerability to cause a denial of service",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "VULHUB",
        "id": "VHN-144421"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-12653",
        "trust": 3.1
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3615",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3615.2",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-144421",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "VULHUB",
        "id": "VHN-144421"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ]
  },
  "id": "VAR-201909-0163",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "VULHUB",
        "id": "VHN-144421"
      }
    ],
    "trust": 0.06999999999999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      }
    ]
  },
  "last_update_date": "2023-12-18T11:59:35.917000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20190925-rawtcp-dos",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-rawtcp-dos"
      },
      {
        "title": "Patch for Cisco ASR 900 Cisco IOS XE Input Validation Error Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/183829"
      },
      {
        "title": "Cisco ASR 900 Cisco IOS XE Enter the fix for the verification error vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=98600"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-144421"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-rawtcp-dos"
      },
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12653"
      },
      {
        "trust": 1.2,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3615/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12653"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-webui-cmd-injection"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-vman-cmd-injection"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-utd"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-ctspac-dos"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-xss"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-dt"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-sip-alg"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-isdn-data-leak"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iox-gs"
      },
      {
        "trust": 0.6,
        "url": "httpserv-dos"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-fsdos"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-ftp"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-digsig-bypass"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-ctbypass"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-codeexec"
      },
      {
        "trust": 0.6,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-awr"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3615.2/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/cisco-ios-xe-denial-of-service-via-raw-socket-transport-30437"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "VULHUB",
        "id": "VHN-144421"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "VULHUB",
        "id": "VHN-144421"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "date": "2019-09-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-144421"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "date": "2019-09-25T21:15:10.657000",
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "date": "2019-09-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-144421"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-010050"
      },
      {
        "date": "2019-10-09T23:45:58.373000",
        "db": "NVD",
        "id": "CVE-2019-12653"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco ASR 900 Cisco IOS XE Input Validation Error Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-34373"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201909-1193"
      }
    ],
    "trust": 0.6
  }
}

CISCO-SA-20190925-RAWTCP-DOS

Vulnerability from csaf_cisco - Published: 2019-09-25 16:00 - Updated: 2019-09-25 16:00

Summary

Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability

Notes

Summary

A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is part of the September 25, 2019, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2019 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication ["https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-72547"].

Vulnerable Products

This vulnerability affects Cisco ASR 900 Series routers that are running Cisco IOS XE Software Release 16.9 and that are configured as a Raw Socket TCP Server. The Raw Socket TCP Server is not enabled in Cisco IOS XE Software by default. For information about which Cisco IOS XE Software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory. Determine Whether a Raw Socket TCP Server is Enabled To determine whether a Raw Socket TCP Server has been enabled, administrators can use the show raw-socket tcp detail | include Socket|listening command and look for a socket in listening state. The following example shows the output of the show raw-socket tcp detail | include Socket|listening command on a device that has a Raw Socket TCP Server enabled on port 2009 (the listening TCP port is configurable and may vary): ASR900#show raw-socket tcp detail | include Socket|listening --------------------------------------------- Socket Mapping -------------------------------------------- Socket status interface tty vrf_name hwidb local_ip_addr local_port dest_ip_addr dest_port [ 0] listening 0/0/8 108 76EE31E8 10.122.161.166 2009 ------ ----

Products Confirmed Not Vulnerable

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect Cisco IOS Software, Cisco IOS XR Software, or Cisco NX-OS Software.

Indicators of Compromise

A successful exploit of this vulnerability will cause an affected device to reload and generate a crashinfo file. A successful exploit of this vulnerability may be confirmed by decoding the stack trace for the device and determining whether the stack trace correlates with this vulnerability. Contact the Cisco Technical Assistance Center (TAC) to review the crashinfo file and determine whether the device has been compromised by exploitation of this vulnerability.

Workarounds

There are no workarounds that address this vulnerability. To reduce the attack surface, administrators can use infrastructure access control lists (iACLs) on the interface to which the Raw Socket TCP Server is bound to restrict access to the Raw Socket TCP Server to trusted hosts only. Please refer to the Cisco Guide to Harden Cisco IOS Devices ["https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html"] for further information on how to configure iACLs.

Fixed Software

Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html ["https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"] Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Customers Without Service Contracts Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"] Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Cisco IOS and IOS XE Software To help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides a tool, the Cisco IOS Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"], that identifies any Cisco Security Advisories that impact a specific software release and the earliest release that fixes the vulnerabilities described in each advisory (“First Fixed”). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories identified (“Combined First Fixed”). Customers can use this tool to perform the following tasks: Initiate a search by choosing one or more releases from a drop-down list or uploading a file from a local system for the tool to parse Enter the output of the show version command for the tool to parse Create a custom search by including all previously published Cisco Security Advisories, a specific advisory, or all advisories in the most recent bundled publication To determine whether a release is affected by any published Cisco Security Advisory, use the Cisco IOS Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"] on Cisco.com or enter a Cisco IOS or IOS XE Software release—for example, 15.1(4)M2 or 3.13.8S—in the following field: By default, the Cisco IOS Software Checker includes results only for vulnerabilities that have a Critical or High Security Impact Rating (SIR). To include results for Medium SIR vulnerabilities, use the Cisco IOS Software Checker on Cisco.com and check the Medium check box in the Impact Rating drop-down list. For a mapping of Cisco IOS XE Software releases to Cisco IOS Software releases, refer to the Cisco IOS XE 2 Release Notes ["https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/2/release/notes/rnasr21/rnasr21_gen.html#wp3000032"], Cisco IOS XE 3S Release Notes ["https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/3/release/notes/asr1k_rn_3s_rel_notes/asr1k_rn_3s_sys_req.html#wp3069754"], or Cisco IOS XE 3SG Release Notes ["https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/release/note/OL_24726.html#pgfId-2570252"], depending on the Cisco IOS XE Software release.

Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source

This vulnerability was found during the resolution of a Cisco TAC support case.

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "summary": "This vulnerability was found during the resolution of a Cisco TAC support case."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition.\r\n\r\nThe vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n\r\n\r\nThis advisory is part of the September 25, 2019, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2019 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-72547\"].",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "This vulnerability affects Cisco ASR 900 Series routers that are running Cisco IOS XE Software Release 16.9 and that are configured as a Raw Socket TCP Server. The Raw Socket TCP Server is not enabled in Cisco IOS XE Software by default.\r\n\r\nFor information about which Cisco IOS XE Software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.\r\n\r\nDetermine Whether a Raw Socket TCP Server is Enabled\r\n\r\nTo determine whether a Raw Socket TCP Server has been enabled, administrators can use the show raw-socket tcp detail | include Socket|listening command and look for a socket in listening state. The following example shows the output of the show raw-socket tcp detail | include Socket|listening command on a device that has a Raw Socket TCP Server enabled on port 2009 (the listening TCP port is configurable and may vary):\r\n\r\n\r\nASR900#show raw-socket tcp detail | include Socket|listening\r\n--------------------------------------------- Socket Mapping --------------------------------------------  Socket   status   interface  tty       vrf_name       hwidb     local_ip_addr  local_port   dest_ip_addr  dest_port  [   0] listening    0/0/8    108                      76EE31E8  10.122.161.166       2009          ------      ----",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n  Cisco has confirmed that this vulnerability does not affect Cisco IOS Software, Cisco IOS XR Software, or Cisco NX-OS Software.",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "A successful exploit of this vulnerability will cause an affected device to reload and generate a crashinfo file.\r\n\r\nA successful exploit of this vulnerability may be confirmed by decoding the stack trace for the device and determining whether the stack trace correlates with this vulnerability.\r\n\r\nContact the Cisco Technical Assistance Center (TAC) to review the crashinfo file and determine whether the device has been compromised by exploitation of this vulnerability.",
        "title": "Indicators of Compromise"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.\r\n\r\nTo reduce the attack surface, administrators can use infrastructure access control lists (iACLs) on the interface to which the Raw Socket TCP Server is bound to restrict access to the Raw Socket TCP Server to trusted hosts only. Please refer to the Cisco Guide to Harden Cisco IOS Devices [\"https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html\"] for further information on how to configure iACLs.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:\r\nhttps://www.cisco.com/c/en/us/products/end-user-license-agreement.html [\"https://www.cisco.com/c/en/us/products/end-user-license-agreement.html\"]\r\n\r\nAdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n  Customers Without Service Contracts\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC:\r\nhttps://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]\r\n\r\nCustomers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n\r\n\r\n                        Cisco IOS and IOS XE Software\r\nTo help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides a tool, the Cisco IOS Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"], that identifies any Cisco Security Advisories that impact a specific software release and the earliest release that fixes the vulnerabilities described in each advisory (\u201cFirst Fixed\u201d). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories identified (\u201cCombined First Fixed\u201d).\r\n\r\nCustomers can use this tool to perform the following tasks:\r\n\r\nInitiate a search by choosing one or more releases from a drop-down list or uploading a file from a local system for the tool to parse\r\nEnter the output of the show version command for the tool to parse\r\nCreate a custom search by including all previously published Cisco Security Advisories, a specific advisory, or all advisories in the most recent bundled publication\r\n\r\nTo determine whether a release is affected by any published Cisco Security Advisory, use the Cisco IOS Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"] on Cisco.com or enter a Cisco IOS or IOS XE Software release\u2014for example, 15.1(4)M2 or 3.13.8S\u2014in the following field:\r\n\r\n\r\n\r\nBy default, the Cisco IOS Software Checker includes results only for vulnerabilities that have a Critical or High Security Impact Rating (SIR). To include results for Medium SIR vulnerabilities, use the Cisco IOS Software Checker on Cisco.com and check the Medium check box in the Impact Rating drop-down list.\r\n\r\n\r\n\r\nFor a mapping of Cisco IOS XE Software releases to Cisco IOS Software releases, refer to the Cisco IOS XE 2 Release Notes [\"https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/2/release/notes/rnasr21/rnasr21_gen.html#wp3000032\"], Cisco IOS XE 3S Release Notes [\"https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/3/release/notes/asr1k_rn_3s_rel_notes/asr1k_rn_3s_sys_req.html#wp3069754\"], or Cisco IOS XE 3SG Release Notes [\"https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/release/note/OL_24726.html#pgfId-2570252\"], depending on the Cisco IOS XE Software release.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "This vulnerability was found during the resolution of a Cisco TAC support case.",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@cisco.com",
      "issuing_authority": "Cisco PSIRT",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
      },
      {
        "category": "external",
        "summary": "Cisco Event Response: September 2019 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication",
        "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-72547"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "Cisco Event Response: September 2019 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication",
        "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-72547"
      },
      {
        "category": "external",
        "summary": "Cisco Guide to Harden Cisco IOS Devices",
        "url": "https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html"
      },
      {
        "category": "external",
        "summary": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html",
        "url": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"
      },
      {
        "category": "external",
        "summary": "considering software upgrades",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisories and Alerts page",
        "url": "https://www.cisco.com/go/psirt"
      },
      {
        "category": "external",
        "summary": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html",
        "url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
      },
      {
        "category": "external",
        "summary": "Cisco\u0026nbsp;IOS Software Checker",
        "url": "https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"
      },
      {
        "category": "external",
        "summary": "Cisco\u0026nbsp;IOS XE 2 Release Notes",
        "url": "https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/2/release/notes/rnasr21/rnasr21_gen.html#wp3000032"
      },
      {
        "category": "external",
        "summary": "Cisco\u0026nbsp;IOS XE 3S Release Notes",
        "url": "https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/3/release/notes/asr1k_rn_3s_rel_notes/asr1k_rn_3s_sys_req.html#wp3069754"
      },
      {
        "category": "external",
        "summary": "Cisco\u0026nbsp;IOS XE 3SG Release Notes",
        "url": "https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/release/note/OL_24726.html#pgfId-2570252"
      }
    ],
    "title": "Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability",
    "tracking": {
      "current_release_date": "2019-09-25T16:00:00+00:00",
      "generator": {
        "date": "2024-05-10T22:48:52+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-20190925-rawtcp-dos",
      "initial_release_date": "2019-09-25T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2019-09-25T15:51:27+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "16.9.1",
                    "product": {
                      "name": "16.9.1",
                      "product_id": "CSAFPID-225856"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.2",
                    "product": {
                      "name": "16.9.2",
                      "product_id": "CSAFPID-232008"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.1a",
                    "product": {
                      "name": "16.9.1a",
                      "product_id": "CSAFPID-242308"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.1b",
                    "product": {
                      "name": "16.9.1b",
                      "product_id": "CSAFPID-243362"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.1s",
                    "product": {
                      "name": "16.9.1s",
                      "product_id": "CSAFPID-244530"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.1c",
                    "product": {
                      "name": "16.9.1c",
                      "product_id": "CSAFPID-245375"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.1d",
                    "product": {
                      "name": "16.9.1d",
                      "product_id": "CSAFPID-248242"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.3",
                    "product": {
                      "name": "16.9.3",
                      "product_id": "CSAFPID-251075"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.2a",
                    "product": {
                      "name": "16.9.2a",
                      "product_id": "CSAFPID-251166"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.2s",
                    "product": {
                      "name": "16.9.2s",
                      "product_id": "CSAFPID-252272"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.3h",
                    "product": {
                      "name": "16.9.3h",
                      "product_id": "CSAFPID-258229"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.4",
                    "product": {
                      "name": "16.9.4",
                      "product_id": "CSAFPID-262390"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.3s",
                    "product": {
                      "name": "16.9.3s",
                      "product_id": "CSAFPID-262549"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.3a",
                    "product": {
                      "name": "16.9.3a",
                      "product_id": "CSAFPID-263804"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.4c",
                    "product": {
                      "name": "16.9.4c",
                      "product_id": "CSAFPID-268921"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.5",
                    "product": {
                      "name": "16.9.5",
                      "product_id": "CSAFPID-271798"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.5f",
                    "product": {
                      "name": "16.9.5f",
                      "product_id": "CSAFPID-276837"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.6",
                    "product": {
                      "name": "16.9.6",
                      "product_id": "CSAFPID-277945"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.7",
                    "product": {
                      "name": "16.9.7",
                      "product_id": "CSAFPID-280651"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.8",
                    "product": {
                      "name": "16.9.8",
                      "product_id": "CSAFPID-280938"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.8a",
                    "product": {
                      "name": "16.9.8a",
                      "product_id": "CSAFPID-290562"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "16.9.8b",
                    "product": {
                      "name": "16.9.8b",
                      "product_id": "CSAFPID-290669"
                    }
                  }
                ],
                "category": "product_version",
                "name": "16.9"
              }
            ],
            "category": "product_family",
            "name": "Cisco IOS XE Software"
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-12653",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCvj91021"
        }
      ],
      "notes": [
        {
          "category": "other",
          "text": "Complete.",
          "title": "Affected Product Comprehensiveness"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-225856",
          "CSAFPID-232008",
          "CSAFPID-242308",
          "CSAFPID-243362",
          "CSAFPID-244530",
          "CSAFPID-245375",
          "CSAFPID-248242",
          "CSAFPID-251075",
          "CSAFPID-251166",
          "CSAFPID-252272",
          "CSAFPID-258229",
          "CSAFPID-262390",
          "CSAFPID-262549",
          "CSAFPID-263804",
          "CSAFPID-268921",
          "CSAFPID-271798",
          "CSAFPID-276837",
          "CSAFPID-277945",
          "CSAFPID-280651",
          "CSAFPID-280938",
          "CSAFPID-290562",
          "CSAFPID-290669"
        ]
      },
      "release_date": "2019-09-25T16:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-225856",
            "CSAFPID-232008",
            "CSAFPID-242308",
            "CSAFPID-243362",
            "CSAFPID-244530",
            "CSAFPID-245375",
            "CSAFPID-248242",
            "CSAFPID-251075",
            "CSAFPID-251166",
            "CSAFPID-252272",
            "CSAFPID-258229",
            "CSAFPID-262390",
            "CSAFPID-262549",
            "CSAFPID-263804",
            "CSAFPID-268921",
            "CSAFPID-271798",
            "CSAFPID-276837",
            "CSAFPID-277945",
            "CSAFPID-280651",
            "CSAFPID-280938",
            "CSAFPID-290562",
            "CSAFPID-290669"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-225856",
            "CSAFPID-232008",
            "CSAFPID-242308",
            "CSAFPID-243362",
            "CSAFPID-244530",
            "CSAFPID-245375",
            "CSAFPID-248242",
            "CSAFPID-251075",
            "CSAFPID-251166",
            "CSAFPID-252272",
            "CSAFPID-258229",
            "CSAFPID-262390",
            "CSAFPID-262549",
            "CSAFPID-263804",
            "CSAFPID-268921",
            "CSAFPID-271798",
            "CSAFPID-276837",
            "CSAFPID-277945",
            "CSAFPID-280651",
            "CSAFPID-280938",
            "CSAFPID-290562",
            "CSAFPID-290669"
          ]
        }
      ],
      "title": "Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability"
    }
  ]
}

FKIE_CVE-2019-12653

Vulnerability from fkie_nvd - Published: 2019-09-25 21:15 - Updated: 2024-11-21 04:23

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios_xe	16.9
cisco	ios_xe	16.10.1
cisco	asr_902	-
cisco	asr_902u	-
cisco	asr_903	-
cisco	asr_907	-
cisco	asr_914	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D42A82B-7241-4564-BCC1-9C4E7EB18881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE063AF2-5579-4D7E-8829-9102FC7CB994",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18E4A46-10D3-48F8-9E92-377ACA447257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad Raw Socket Transport del software Cisco IOS XE, podr\u00eda permitir a un atacante remoto no autenticado desencadenar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido al an\u00e1lisis inapropiado de las cargas \u00fatiles de Raw Socket Transport. Un atacante podr\u00eda explotar esta vulnerabilidad al establecer una sesi\u00f3n TCP y entonces enviar un segmento TCP malicioso por medio de IPv4 hacia un dispositivo afectado. Esto no puede ser explotado por medio de IPv6, ya que la funci\u00f3n de Raw Socket Transport no admite IPv6 como protocolo de capa de red."
    }
  ],
  "id": "CVE-2019-12653",
  "lastModified": "2024-11-21T04:23:16.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-09-25T21:15:10.657",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2019-34373

Vulnerability from cnvd - Published: 2019-10-10

Title

Cisco ASR 900 Cisco IOS XE输入验证错误漏洞

Description

Cisco ASR 900是美国思科（Cisco）公司的一款900系列聚合服务路由器。Cisco IOS XE是一套为Cisco网络设备开发的操作系统。 Cisco ASR 900系列中的Cisco IOS XE 16.9版本的Raw Socket Transport功能存在输入验证错误漏洞，该漏洞源于程序未能正确解析Raw Socket Transport payloads，远程攻击者可通过建立TCP会话并借助IPv4发送恶意的TCP片段利用该漏洞造成拒绝服务。

Severity

高

Patch Name

Cisco ASR 900 Cisco IOS XE输入验证错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-12653 https://www.auscert.org.au/bulletins/ESB-2019.3615/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos

Impacted products

Name
Cisco IOS XE 16.9

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-12653"
    }
  },
  "description": "Cisco ASR 900\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e900\u7cfb\u5217\u805a\u5408\u670d\u52a1\u8def\u7531\u5668\u3002Cisco IOS XE\u662f\u4e00\u5957\u4e3aCisco\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nCisco ASR 900\u7cfb\u5217\u4e2d\u7684Cisco IOS XE 16.9\u7248\u672c\u7684Raw Socket Transport\u529f\u80fd\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u89e3\u6790Raw Socket Transport payloads\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5efa\u7acbTCP\u4f1a\u8bdd\u5e76\u501f\u52a9IPv4\u53d1\u9001\u6076\u610f\u7684TCP\u7247\u6bb5\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-34373",
  "openTime": "2019-10-10",
  "patchDescription": "Cisco ASR 900\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e900\u7cfb\u5217\u805a\u5408\u670d\u52a1\u8def\u7531\u5668\u3002Cisco IOS XE\u662f\u4e00\u5957\u4e3aCisco\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco ASR 900\u7cfb\u5217\u4e2d\u7684Cisco IOS XE 16.9\u7248\u672c\u7684Raw Socket Transport\u529f\u80fd\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u89e3\u6790Raw Socket Transport payloads\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5efa\u7acbTCP\u4f1a\u8bdd\u5e76\u501f\u52a9IPv4\u53d1\u9001\u6076\u610f\u7684TCP\u7247\u6bb5\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco ASR 900 Cisco IOS XE\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco IOS XE 16.9"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-12653\r\nhttps://www.auscert.org.au/bulletins/ESB-2019.3615/\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos",
  "serverity": "\u9ad8",
  "submitTime": "2019-09-27",
  "title": "Cisco ASR 900 Cisco IOS XE\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

GHSA-P8WR-6H8H-GJC7

Vulnerability from github – Published: 2022-05-24 16:56 – Updated: 2024-04-04 01:59

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-12653"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-25T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.",
  "id": "GHSA-p8wr-6h8h-gjc7",
  "modified": "2024-04-04T01:59:49Z",
  "published": "2022-05-24T16:56:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12653"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-12653 (GCVE-0-2019-12653)

Solution

Solution

Tags

Sightings

Nomenclature