Lucene search

CiscoCVE-2019-12652

HistorySep 25, 2019 - 9:15 p.m.

CVE-2019-12652

2019-09-2521:15:10

CWE-399

cisco

web.nvd.nist.gov

information security

vulnerability

cisco

ios software

catalyst 4000

switch

denial of service

dos

remote attacker

tcp

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

52.6%

JSON

A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when processing TCP packets directed to the device on specific Cisco Catalyst 4000 Series Switches. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device. A successful exploit could cause the affected device to run out of buffer resources, impairing operations of control plane and management plane protocols, resulting in a DoS condition. This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device.

Affected configurations

Nvd

Node

ciscoiosMatch15.2\(3\)e1

ciscoiosMatch15.2\(4\)e3

AND

ciscocatalyst_4500_supervisor_engine_6-eMatch-

ciscocatalyst_4500_supervisor_engine_6l-eMatch-

ciscocatalyst_4900mMatch-

ciscocatalyst_4948eMatch-

ciscocatalyst_4948e-fMatch-

VendorProductVersionCPE
ciscoios15.2(3)e1cpe:2.3:o:cisco:ios:15.2\(3\)e1:*:*:*:*:*:*:*
ciscoios15.2(4)e3cpe:2.3:o:cisco:ios:15.2\(4\)e3:*:*:*:*:*:*:*
ciscocatalyst_4500_supervisor_engine_6-e-cpe:2.3:h:cisco:catalyst_4500_supervisor_engine_6-e:-:*:*:*:*:*:*:*
ciscocatalyst_4500_supervisor_engine_6l-e-cpe:2.3:h:cisco:catalyst_4500_supervisor_engine_6l-e:-:*:*:*:*:*:*:*
ciscocatalyst_4900m-cpe:2.3:h:cisco:catalyst_4900m:-:*:*:*:*:*:*:*
ciscocatalyst_4948e-cpe:2.3:h:cisco:catalyst_4948e:-:*:*:*:*:*:*:*
ciscocatalyst_4948e-f-cpe:2.3:h:cisco:catalyst_4948e-f:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	15.2(3)e1	cpe:2.3:o:cisco:ios:15.2\(3\)e1:::::::*
cisco	ios	15.2(4)e3	cpe:2.3:o:cisco:ios:15.2\(4\)e3:::::::*
cisco	catalyst_4500_supervisor_engine_6-e	-	cpe:2.3:h:cisco:catalyst_4500_supervisor_engine_6-e:-:::::::*
cisco	catalyst_4500_supervisor_engine_6l-e	-	cpe:2.3:h:cisco:catalyst_4500_supervisor_engine_6l-e:-:::::::*
cisco	catalyst_4900m	-	cpe:2.3:h:cisco:catalyst_4900m:-:::::::*
cisco	catalyst_4948e	-	cpe:2.3:h:cisco:catalyst_4948e:-:::::::*
cisco	catalyst_4948e-f	-	cpe:2.3:h:cisco:catalyst_4948e-f:-:::::::*

CNA Affected

[
  {
    "product": "Cisco IOS 15.0(1)XO1",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-cat4000-tcp-dos

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

52.6%

JSON

Related for CVE-2019-12652