VAR-201304-0173
Vulnerability from variot - Updated: 2024-02-13 22:46SensorApp in Cisco Intrusion Prevention System (IPS) allows local users to cause a denial of service (Regex hardware job failure and application hang) via a (1) initiate signature upgrade, (2) initiate global correlation, (3) show statistics anomaly-detection, or (4) clear database action, aka Bug ID CSCuc74630. Cisco Intrusion Prevention System is prone to a local denial-of-service vulnerability. A local attacker can exploit this issue to crash the system, resulting in denial-of-service conditions. This issue is being tracked by Cisco bug ID CSCuc74630. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors.
The vulnerability is due to a job failure in the Regex hardware when processing the control transaction getENGVirtualSensorStatistics. When the malicious action is processed by the affected device, the SensorApp process may hang or become unresponsive to legitimate commands or control transactions, leading to a DoS condition.
Cisco has confirmed the vulnerability in a security notice and has released software updates.
This vulnerability is applicable only to platforms that implement Regex hardware.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
To exploit this vulnerability, an attacker requires authenticated access to a targeted device and may require access to trusted, internal networks. These access requirements could limit the likelihood of a successful exploit
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intrusion prevention system",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002504"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-606"
},
{
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:intrusion_prevention_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "59545"
}
],
"trust": 0.3
},
"cve": "CVE-2013-1219",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.7,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-1219",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.7,
"id": "VHN-61221",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1219",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-606",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-61221",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2013-1219",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61221"
},
{
"db": "VULMON",
"id": "CVE-2013-1219"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002504"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-606"
},
{
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SensorApp in Cisco Intrusion Prevention System (IPS) allows local users to cause a denial of service (Regex hardware job failure and application hang) via a (1) initiate signature upgrade, (2) initiate global correlation, (3) show statistics anomaly-detection, or (4) clear database action, aka Bug ID CSCuc74630. Cisco Intrusion Prevention System is prone to a local denial-of-service vulnerability. \nA local attacker can exploit this issue to crash the system, resulting in denial-of-service conditions. \nThis issue is being tracked by Cisco bug ID CSCuc74630. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors. \n\nThe vulnerability is due to a job failure in the Regex hardware when processing the control transaction getENGVirtualSensorStatistics. When the malicious action is processed by the affected device, the SensorApp process may hang or become unresponsive to legitimate commands or control transactions, leading to a DoS condition. \n\nCisco has confirmed the vulnerability in a security notice and has released software updates. \n\n\nThis vulnerability is applicable only to platforms that implement Regex hardware. \n\nCisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available. \n\nTo exploit this vulnerability, an attacker requires authenticated access to a targeted device and may require access to trusted, internal networks. These access requirements could limit the likelihood of a successful exploit",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1219"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002504"
},
{
"db": "BID",
"id": "59545"
},
{
"db": "VULHUB",
"id": "VHN-61221"
},
{
"db": "VULMON",
"id": "CVE-2013-1219"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1219",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002504",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-606",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20130426 CISCO IPS SENSORAPP REGEX VULNERABILITY",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "53277",
"trust": 0.6
},
{
"db": "BID",
"id": "59545",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61221",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-1219",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61221"
},
{
"db": "VULMON",
"id": "CVE-2013-1219"
},
{
"db": "BID",
"id": "59545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002504"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-606"
},
{
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"id": "VAR-201304-0173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61221"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-13T22:46:37.155000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco IPS SensorApp Regex Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1219"
},
{
"title": "29105",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=29105"
},
{
"title": "Cisco: Cisco IPS SensorApp Regex Processing Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20130429-cve-2013-1219"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-1219"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002504"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1219"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1219"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1219"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53277"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/secursw/ps2113/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130429-cve-2013-1219"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61221"
},
{
"db": "VULMON",
"id": "CVE-2013-1219"
},
{
"db": "BID",
"id": "59545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002504"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-606"
},
{
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61221"
},
{
"db": "VULMON",
"id": "CVE-2013-1219"
},
{
"db": "BID",
"id": "59545"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002504"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-606"
},
{
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-29T00:00:00",
"db": "VULHUB",
"id": "VHN-61221"
},
{
"date": "2013-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1219"
},
{
"date": "2013-04-26T00:00:00",
"db": "BID",
"id": "59545"
},
{
"date": "2013-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002504"
},
{
"date": "2013-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-606"
},
{
"date": "2013-04-29T12:20:36.250000",
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-01T00:00:00",
"db": "VULHUB",
"id": "VHN-61221"
},
{
"date": "2013-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1219"
},
{
"date": "2013-04-26T00:00:00",
"db": "BID",
"id": "59545"
},
{
"date": "2013-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002504"
},
{
"date": "2013-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-606"
},
{
"date": "2013-05-01T04:00:00",
"db": "NVD",
"id": "CVE-2013-1219"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "59545"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-606"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Intrusion Prevention System of SensorApp Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002504"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-606"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…