Lucene search

CiscoCISCO-SA-20190327-NBAR

HistoryMar 27, 2019 - 4:00 p.m.

Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities

2019-03-2716:00:00

tools.cisco.com

0.002 Low

EPSS

Percentile

52.4%

JSON

Multiple vulnerabilities in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. These vulnerabilities are due to a parsing issue on DNS packets. An attacker could exploit these vulnerabilities by sending crafted DNS packets through routers that are running an affected version and have NBAR enabled. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nbar [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nbar”]

This advisory is part of the March 27, 2019, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 17 Cisco Security Advisories that describe 19 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2019 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-71135”].

Affected configurations

Vulners

Node

ciscoiosMatch15.5s

ciscoiosMatch15.5m

ciscoiosMatch15.5sn

ciscoiosMatch15.6s

ciscoiosMatch15.6t

ciscoiosMatch15.3jnp

ciscoiosMatch15.6sn

ciscoiosMatch15.3jpb

ciscoiosMatch15.3jd

ciscoiosMatch15.6m

ciscoiosMatch15.3jpc

ciscoiosMatch15.3je

ciscoiosMatch15.3jpd

ciscoiosMatch15.3jf

ciscoiosMatch15.3jg

ciscoiosMatch15.3jh

ciscorvs4000_softwareMatch3.16s

ciscorvs4000_softwareMatch3.17s

ciscorvs4000_softwareMatch16.2

ciscorvs4000_softwareMatch16.3

ciscorvs4000_softwareMatch16.4

ciscorvs4000_softwareMatch16.5

ciscorvs4000_softwareMatch3.18s

ciscorvs4000_softwareMatch3.18sp

ciscorvs4000_softwareMatch16.9

ciscoiosMatch15.5\(3\)s

ciscoiosMatch15.5\(3\)s1

ciscoiosMatch15.5\(3\)s1a

ciscoiosMatch15.5\(3\)s2

ciscoiosMatch15.5\(3\)s0a

ciscoiosMatch15.5\(3\)s3

ciscoiosMatch15.5\(3\)s4

ciscoiosMatch15.5\(3\)s5

ciscoiosMatch15.5\(3\)m

ciscoiosMatch15.5\(3\)m1

ciscoiosMatch15.5\(3\)m0a

ciscoiosMatch15.5\(3\)m2

ciscoiosMatch15.5\(3\)m2a

ciscoiosMatch15.5\(3\)m3

ciscoiosMatch15.5\(3\)m4

ciscoiosMatch15.5\(3\)m4a

ciscoiosMatch15.5\(3\)m5

ciscoiosMatch15.5\(3\)m4b

ciscoiosMatch15.5\(3\)m4c

ciscoiosMatch15.5\(3\)sn0a

ciscoiosMatch15.5\(3\)sn

ciscoiosMatch15.6\(1\)s

ciscoiosMatch15.6\(2\)s

ciscoiosMatch15.6\(2\)s1

ciscoiosMatch15.6\(1\)s1

ciscoiosMatch15.6\(1\)s2

ciscoiosMatch15.6\(2\)s2

ciscoiosMatch15.6\(1\)s3

ciscoiosMatch15.6\(2\)s3

ciscoiosMatch15.6\(1\)s4

ciscoiosMatch15.6\(2\)s4

ciscoiosMatch15.6\(1\)t

ciscoiosMatch15.6\(2\)t

ciscoiosMatch15.6\(1\)t0a

ciscoiosMatch15.6\(1\)t1

ciscoiosMatch15.6\(2\)t1

ciscoiosMatch15.6\(1\)t2

ciscoiosMatch15.6\(2\)t0a

ciscoiosMatch15.6\(2\)t2

ciscoiosMatch15.3\(3\)jnp

ciscoiosMatch15.3\(3\)jnp1

ciscoiosMatch15.3\(3\)jnp3

ciscoiosMatch15.6\(1\)sn

ciscoiosMatch15.6\(1\)sn1

ciscoiosMatch15.6\(2\)sn

ciscoiosMatch15.6\(1\)sn2

ciscoiosMatch15.6\(1\)sn3

ciscoiosMatch15.6\(3\)sn

ciscoiosMatch15.6\(4\)sn

ciscoiosMatch15.6\(5\)sn

ciscoiosMatch15.6\(6\)sn

ciscoiosMatch15.6\(7\)sn

ciscoiosMatch15.6\(7\)sn1

ciscoiosMatch15.6\(7\)sn2

ciscoiosMatch15.6\(7\)sn3

ciscoiosMatch15.3\(3\)jpb

ciscoiosMatch15.3\(3\)jpb1

ciscoiosMatch15.3\(3\)jd

ciscoiosMatch15.3\(3\)jd2

ciscoiosMatch15.3\(3\)jd3

ciscoiosMatch15.3\(3\)jd4

ciscoiosMatch15.3\(3\)jd5

ciscoiosMatch15.3\(3\)jd6

ciscoiosMatch15.3\(3\)jd7

ciscoiosMatch15.3\(3\)jd8

ciscoiosMatch15.3\(3\)jd9

ciscoiosMatch15.3\(3\)jd11

ciscoiosMatch15.3\(3\)jd12

ciscoiosMatch15.3\(3\)jd13

ciscoiosMatch15.3\(3\)jd14

ciscoiosMatch15.6\(3\)m

ciscoiosMatch15.6\(3\)m1

ciscoiosMatch15.6\(3\)m0a

ciscoiosMatch15.6\(3\)m1a

ciscoiosMatch15.6\(3\)m1b

ciscoiosMatch15.3\(3\)jpc

ciscoiosMatch15.3\(3\)jpc1

ciscoiosMatch15.3\(3\)jpc2

ciscoiosMatch15.3\(3\)jpc3

ciscoiosMatch15.3\(3\)jpc5

ciscoiosMatch15.3\(3\)je

ciscoiosMatch15.3\(3\)jpd

ciscoiosMatch15.3\(3\)jf

ciscoiosMatch15.3\(3\)jf1

ciscoiosMatch15.3\(3\)jf2

ciscoiosMatch15.3\(3\)jf4

ciscoiosMatch15.3\(3\)jf5

ciscoiosMatch15.3\(3\)jg

ciscoiosMatch15.3\(3\)jg1

ciscoiosMatch15.3\(3\)jh

ciscorvs4000_softwareMatch3.16.0s

ciscorvs4000_softwareMatch3.16.1s

ciscorvs4000_softwareMatch3.16.0as

ciscorvs4000_softwareMatch3.16.1as

ciscorvs4000_softwareMatch3.16.2s

ciscorvs4000_softwareMatch3.16.2as

ciscorvs4000_softwareMatch3.16.0bs

ciscorvs4000_softwareMatch3.16.0cs

ciscorvs4000_softwareMatch3.16.3s

ciscorvs4000_softwareMatch3.16.2bs

ciscorvs4000_softwareMatch3.16.3as

ciscorvs4000_softwareMatch3.16.4s

ciscorvs4000_softwareMatch3.16.4as

ciscorvs4000_softwareMatch3.16.4bs

ciscorvs4000_softwareMatch3.16.4gs

ciscorvs4000_softwareMatch3.16.5s

ciscorvs4000_softwareMatch3.16.4cs

ciscorvs4000_softwareMatch3.16.4ds

ciscorvs4000_softwareMatch3.16.4es

ciscorvs4000_softwareMatch3.16.5as

ciscorvs4000_softwareMatch3.17.0s

ciscorvs4000_softwareMatch3.17.1s

ciscorvs4000_softwareMatch3.17.2s

ciscorvs4000_softwareMatch3.17.1as

ciscorvs4000_softwareMatch3.17.3s

ciscorvs4000_softwareMatch3.17.4s

ciscorvs4000_softwareMatch16.2.1

ciscorvs4000_softwareMatch16.2.2

ciscorvs4000_softwareMatch16.3.1

ciscorvs4000_softwareMatch16.3.2

ciscorvs4000_softwareMatch16.3.3

ciscorvs4000_softwareMatch16.3.1a

ciscorvs4000_softwareMatch16.3.4

ciscorvs4000_softwareMatch16.4.1

ciscorvs4000_softwareMatch16.4.2

ciscorvs4000_softwareMatch16.4.3

ciscorvs4000_softwareMatch16.5.1

ciscorvs4000_softwareMatch16.5.1a

ciscorvs4000_softwareMatch16.5.1b

ciscorvs4000_softwareMatch3.18.0as

ciscorvs4000_softwareMatch3.18.0s

ciscorvs4000_softwareMatch3.18.1s

ciscorvs4000_softwareMatch3.18.2s

ciscorvs4000_softwareMatch3.18.3s

ciscorvs4000_softwareMatch3.18.4s

ciscorvs4000_softwareMatch3.18.0sp

ciscorvs4000_softwareMatch3.18.1sp

ciscorvs4000_softwareMatch3.18.1asp

ciscorvs4000_softwareMatch3.18.1gsp

ciscorvs4000_softwareMatch3.18.1bsp

ciscorvs4000_softwareMatch3.18.1csp

ciscorvs4000_softwareMatch3.18.2sp

ciscorvs4000_softwareMatch3.18.1hsp

ciscorvs4000_softwareMatch3.18.2asp

ciscorvs4000_softwareMatch3.18.1isp

ciscorvs4000_softwareMatch16.9.3s

ciscorvs4000_softwareMatch16.9.4c

CPENameOperatorVersion
ioseq15.5S
ioseq15.5M
ioseq15.5SN
ioseq15.6S
ioseq15.6T
ioseq15.3JNP
ioseq15.6SN
ioseq15.3JPB
ioseq15.3JD
ioseq15.6M

Name	Operator	Version
ios	eq	15.5S
ios	eq	15.5M
ios	eq	15.5SN
ios	eq	15.6S
ios	eq	15.6T
ios	eq	15.3JNP
ios	eq	15.6SN
ios	eq	15.3JPB
ios	eq	15.3JD
ios	eq	15.6M

Rows per page:

1-10 of 1721

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nbar

0.002 Low

EPSS

Percentile

52.4%

JSON

Related for CISCO-SA-20190327-NBAR