FKIE_CVE-2019-1697

Vulnerability from fkie_nvd - Published: 2019-05-03 16:29 - Updated: 2024-11-21 04:37
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/108182
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108182
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdosVendor Advisory
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_software *
cisco adaptive_security_appliance_software *
cisco adaptive_security_appliance_software *
cisco adaptive_security_appliance_software *
cisco asa_5505 -
cisco asa_5510 -
cisco asa_5512-x -
cisco asa_5515-x -
cisco asa_5520 -
cisco asa_5525-x -
cisco asa_5540 -
cisco asa_5545-x -
cisco asa_5550 -
cisco asa_5555-x -
cisco asa_5580 -
cisco asa_5585-x -
cisco firepower_threat_defense *
cisco firepower_threat_defense *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "259E2B41-3EC2-42D3-AAF1-4B855F9E28C3",
              "versionEndExcluding": "9.6.4.25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
              "versionEndExcluding": "9.8.4",
              "versionStartIncluding": "9.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
              "versionEndExcluding": "9.9.2.50",
              "versionStartIncluding": "9.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C6B343-2D4D-4C7E-A59E-629773DD2E60",
              "versionEndExcluding": "9.10.1.17",
              "versionStartIncluding": "9.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15251834-D900-42F9-AC0B-4167CE851116",
              "versionEndExcluding": "6.2.3.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A16803C-579C-4992-B37E-7CEC17307659",
              "versionEndExcluding": "6.3.0.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la funci\u00f3n del Lightweight Directory Access Protocol (LDAP) en el software Cisco Adaptive Security Appliance (ASA) y en el software Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque la recarga de un dispositivo afectado, lo que resulta en una Condici\u00f3n de denegaci\u00f3n de servicio (DoS). Las vulnerabilidades se deben al an\u00e1lisis incorrecto de los paquetes LDAP enviados a un dispositivo afectado. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un paquete LDAP creado, usando Reglas de codificaci\u00f3n b\u00e1sicas (BER), para ser procesado por un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante haga que el dispositivo afectado se vuelva a cargar, lo que resulta en una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2019-1697",
  "lastModified": "2024-11-21T04:37:07.460",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-03T16:29:00.240",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/108182"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.