Lucene search

K
cve[email protected]CVE-2019-1858
HistoryMay 16, 2019 - 2:29 a.m.

CVE-2019-1858

2019-05-1602:29:00
CWE-755
CWE-20
web.nvd.nist.gov
42
vulnerability
snmp
cisco
fxos software
nx-os software
remote attacker
system memory leak
restart
denial of service
nvd

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.8%

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Affected configurations

NVD
Node
cisconx-osRange<8.1\(1\)
AND
ciscomds_9132tMatch-
OR
ciscomds_9148sMatch-
OR
ciscomds_9148tMatch-
OR
ciscomds_9216Match-
OR
ciscomds_9216aMatch-
OR
ciscomds_9216iMatch-
OR
ciscomds_9222iMatch-
OR
ciscomds_9250iMatch-
OR
ciscomds_9396sMatch-
OR
ciscomds_9396tMatch-
OR
ciscomds_9506Match-
OR
ciscomds_9509Match-
OR
ciscomds_9513Match-
OR
ciscomds_9706Match-
OR
ciscomds_9710Match-
OR
ciscomds_9718Match-
Node
cisconx-osRange<7.0\(3\)i4\(8\)
OR
cisconx-osRange7.0\(3\)i77.0\(3\)i7\(2\)
AND
cisco9432pqMatch-
OR
cisco9536pqMatch-
OR
cisco9636pqMatch-
OR
cisco9736pqMatch-
OR
ciscon9k-x9432c-sMatch-
OR
ciscon9k-x9464pxMatch-
OR
ciscon9k-x9464tx2Match-
OR
ciscon9k-x9564pxMatch-
OR
ciscon9k-x9564txMatch-
OR
ciscon9k-x9636c-rMatch-
OR
ciscon9k-x9636c-rxMatch-
OR
ciscon9k-x97160yc-exMatch-
OR
ciscon9k-x9732c-exMatch-
OR
ciscon9k-x9732c-fxMatch-
OR
ciscon9k-x9736c-exMatch-
OR
ciscon9k-x9736c-fxMatch-
OR
ciscon9k-x9788tc-fxMatch-
OR
cisconexus_3048Match-
OR
cisconexus_31108pc-vMatch-
OR
cisconexus_31108tc-vMatch-
OR
cisconexus_31128pqMatch-
OR
cisconexus_3132c-zMatch-
OR
cisconexus_3132q-vMatch-
OR
cisconexus_3132q-x\/3132q-xlMatch-
OR
cisconexus_3164qMatch-
OR
cisconexus_3172pq\/pq-xlMatch-
OR
cisconexus_3172tq-xlMatch-
OR
cisconexus_3232cMatch-
OR
cisconexus_3264c-eMatch-
OR
cisconexus_3264qMatch-
OR
cisconexus_3408-sMatch-
OR
cisconexus_34180ycMatch-
OR
cisconexus_3432d-sMatch-
OR
cisconexus_3464cMatch-
OR
cisconexus_3524-x\/xlMatch-
OR
cisconexus_3548-x\/xlMatch-
OR
cisconexus_36180yc-rMatch-
OR
cisconexus_3636c-rMatch-
OR
cisconexus_92160yc-xMatch-
OR
cisconexus_92300ycMatch-
OR
cisconexus_93108tc-exMatch-
OR
cisconexus_93108tc-fxMatch-
OR
cisconexus_93120txMatch-
OR
cisconexus_9316d-gxMatch-
OR
cisconexus_93180lc-exMatch-
OR
cisconexus_93180yc-exMatch-
OR
cisconexus_93180yc-fxMatch-
OR
cisconexus_93216tc-fx2Match-
OR
cisconexus_93240yc-fx2Match-
OR
cisconexus_9332cMatch-
OR
cisconexus_93360yc-fx2Match-
OR
cisconexus_9336c-fx2Match-
OR
cisconexus_9348gc-fxpMatch-
OR
cisconexus_93600cd-gxMatch-
OR
cisconexus_9364cMatch-
OR
cisconexus_9500_supervisor_aMatch-
OR
cisconexus_9500_supervisor_a\+Match-
OR
cisconexus_9500_supervisor_bMatch-
OR
cisconexus_9500_supervisor_b\+Match-
OR
cisconexus_9504Match-
OR
cisconexus_9508Match-
OR
cisconexus_9516Match-
OR
ciscox9636q-rMatch-
Node
cisconx-osRange7.0\(3\)7.0\(3\)f3\(1\)
AND
ciscon9k-c9504-fm-rMatch-
OR
ciscon9k-c9508-fm-rMatch-
OR
ciscon9k-x96136yc-rMatch-
OR
ciscon9k-x9636c-rMatch-
OR
ciscon9k-x9636c-rxMatch-
OR
ciscon9k-x9636q-rMatch-
OR
cisconexus_36180yc-rMatch-
OR
cisconexus_3636c-rMatch-
OR
ciscox96136yc-rMatch-
OR
ciscox9636c-rMatch-
OR
ciscox9636c-rxMatch-
OR
ciscox9636q-rMatch-
Node
cisconx-osRange<7.1\(5\)n1\(1b\)
OR
cisconx-osRange7.37.3\(4\)n1\(1a\)
AND
cisconexus_5010Match-
OR
cisconexus_5020Match-
OR
cisconexus_5548pMatch-
OR
cisconexus_5548upMatch-
OR
cisconexus_5596tMatch-
OR
cisconexus_5596upMatch-
OR
cisconexus_56128pMatch-
OR
cisconexus_5624qMatch-
OR
cisconexus_5648qMatch-
OR
cisconexus_5672upMatch-
OR
cisconexus_5672up-16gMatch-
OR
cisconexus_5696qMatch-
OR
cisconexus_6001Match-
OR
cisconexus_6004Match-
Node
cisconx-osRange<6.2\(22\)
OR
cisconx-osRange7.27.2\(0\)d1\(1\)
OR
cisconx-osRange8.08.1\(1\)
AND
cisco7000_10-slotMatch-
OR
cisco7000_18-slotMatch-
OR
cisco7000_4-slotMatch-
OR
cisco7000_9-slotMatch-
OR
cisco7700_10-slotMatch-
OR
cisco7700_18-slotMatch-
OR
cisco7700_2-slotMatch-
OR
cisco7700_6-slotMatch-
OR
ciscon77-f312ck-26Match-
OR
ciscon77-f324fq-25Match-
OR
ciscon77-f348xp-23Match-
OR
ciscon77-f430cq-36Match-
OR
ciscon77-m312cq-26lMatch-
OR
ciscon77-m324fq-25lMatch-
OR
ciscon77-m348xp-23lMatch-
OR
ciscon7k-f248xp-25eMatch-
OR
ciscon7k-f306ck-25Match-
OR
ciscon7k-f312fq-25Match-
OR
ciscon7k-m202cf-22lMatch-
OR
ciscon7k-m206fq-23lMatch-
OR
ciscon7k-m224xp-23lMatch-
OR
ciscon7k-m324fq-25lMatch-
OR
ciscon7k-m348xp-25lMatch-
OR
cisconexus_7000_supervisor_1Match-
OR
cisconexus_7000_supervisor_2Match-
OR
cisconexus_7000_supervisor_2eMatch-
OR
cisconexus_7700_supervisor_2eMatch-
OR
cisconexus_7700_supervisor_3eMatch-
Node
ciscofirepower_extensible_operating_systemRange2.62.6.1.131
OR
ciscofx-osRange<2.2.2.91
OR
ciscofx-osRange2.32.3.1.130
OR
ciscofx-osRange2.42.4.1.222
AND
ciscofirepower_4110Match-
OR
ciscofirepower_4120Match-
OR
ciscofirepower_4140Match-
OR
ciscofirepower_4150Match-
OR
ciscofirepower_9300_with_1_sm-24_moduleMatch-
OR
ciscofirepower_9300_with_1_sm-36_moduleMatch-
OR
ciscofirepower_9300_with_1_sm-44_moduleMatch-
OR
ciscofirepower_9300_with_3_sm-44_moduleMatch-
Node
cisconx-osRange<14.0\(2c\)
OR
cisconx-osRange14.114.1\(1i\)
AND
cisco9432pqMatch-
OR
cisco9536pqMatch-
OR
cisco9636pqMatch-
OR
cisco9736pqMatch-
OR
ciscon9k-x9432c-sMatch-
OR
ciscon9k-x9464pxMatch-
OR
ciscon9k-x9464tx2Match-
OR
ciscon9k-x9564pxMatch-
OR
ciscon9k-x9564txMatch-
OR
ciscon9k-x9636c-rMatch-
OR
ciscon9k-x9636c-rxMatch-
OR
ciscon9k-x97160yc-exMatch-
OR
ciscon9k-x9732c-exMatch-
OR
ciscon9k-x9732c-fxMatch-
OR
ciscon9k-x9736c-exMatch-
OR
ciscon9k-x9736c-fxMatch-
OR
ciscon9k-x9788tc-fxMatch-
OR
cisconexus_92160yc-xMatch-
OR
cisconexus_92300ycMatch-
OR
cisconexus_93108tc-exMatch-
OR
cisconexus_93108tc-fxMatch-
OR
cisconexus_93120txMatch-
OR
cisconexus_9316d-gxMatch-
OR
cisconexus_93180lc-exMatch-
OR
cisconexus_93180yc-exMatch-
OR
cisconexus_93180yc-fxMatch-
OR
cisconexus_93216tc-fx2Match-
OR
cisconexus_93240yc-fx2Match-
OR
cisconexus_9332cMatch-
OR
cisconexus_93360yc-fx2Match-
OR
cisconexus_9336c-fx2Match-
OR
cisconexus_9348gc-fxpMatch-
OR
cisconexus_93600cd-gxMatch-
OR
cisconexus_9364cMatch-
OR
cisconexus_9500_supervisor_aMatch-
OR
cisconexus_9500_supervisor_a\+Match-
OR
cisconexus_9500_supervisor_bMatch-
OR
cisconexus_9500_supervisor_b\+Match-
OR
cisconexus_9504Match-
OR
cisconexus_9508Match-
OR
cisconexus_9516Match-
OR
ciscox9636q-rMatch-
Node
cisconx-osRange<6.0\(2\)a8\(4\)
OR
cisconx-osRange7.0\(3\)i77.0\(3\)i7\(2\)
AND
cisconexus_3524-x\/xlMatch-
OR
cisconexus_3548-x\/xlMatch-
Node
cisconx-osRange<5.2\(1\)sv3\(4.1a\)
AND
cisconexus_1000vMatch-hyper-v
OR
cisconexus_1000vMatch-vmware_vsphere
CPENameOperatorVersion
cisco:nx-oscisco nx-oslt8.1\(1\)

CNA Affected

[
  {
    "product": "Cisco Firepower Extensible Operating System (FXOS) ",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.8%

Related for CVE-2019-1858