Lucene search

[email protected]NVD:CVE-2019-15256

HistoryOct 02, 2019 - 7:15 p.m.

CVE-2019-15256

2019-10-0219:15:15

CWE-399

CWE-400

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker’s source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device.

Affected configurations

Nvd

Node

ciscoadaptive_security_appliance_softwareRange9.7–9.8.4.10

ciscoadaptive_security_appliance_softwareRange9.9–9.9.2.47

ciscoadaptive_security_appliance_softwareRange9.10–9.10.1.30

ciscoadaptive_security_appliance_softwareRange9.12–9.12.2.5

Node

ciscofirepower_threat_defenseRange6.2.0–6.2.3.11

ciscofirepower_threat_defenseRange6.3.0–6.3.0.2

Node

ciscoasa_5505Match-

AND

ciscoasa_5505_firmwareMatch9.9\(2.4\)

ciscoasa_5505_firmwareMatch201.4\(1.21\)

Node

ciscoasa_5510Match-

AND

ciscoasa_5510_firmwareMatch9.9\(2.4\)

ciscoasa_5510_firmwareMatch201.4\(1.21\)

Node

ciscoasa_5512-xMatch-

AND

ciscoasa_5512-x_firmwareMatch9.9\(2.4\)

ciscoasa_5512-x_firmwareMatch201.4\(1.21\)

Node

ciscoasa_5515-xMatch-

AND

ciscoasa_5515-x_firmwareMatch9.9\(2.4\)

ciscoasa_5515-x_firmwareMatch201.4\(1.21\)

Node

ciscoasa_5520Match-

AND

ciscoasa_5520_firmwareMatch9.9\(2.4\)

ciscoasa_5520_firmwareMatch201.4\(1.21\)

Node

ciscoasa_5525-x_firmwareMatch9.9\(2.4\)

ciscoasa_5525-x_firmwareMatch201.4\(1.21\)

AND

ciscoasa_5525-xMatch-

Node

ciscoasa_5540_firmwareMatch9.9\(2.4\)

ciscoasa_5540_firmwareMatch201.4\(1.21\)

AND

ciscoasa_5540Match-

Node

ciscoasa_5545-x_firmwareMatch9.9\(2.4\)

ciscoasa_5545-x_firmwareMatch201.4\(1.21\)

AND

ciscoasa_5545-xMatch-

Node

ciscoasa_5550_firmwareMatch9.9\(2.4\)

ciscoasa_5550_firmwareMatch201.4\(1.21\)

AND

ciscoasa_5550Match-

Node

ciscoasa_5555-x_firmwareMatch9.9\(2.4\)

ciscoasa_5555-x_firmwareMatch201.4\(1.21\)

AND

ciscoasa_5555-xMatch-

Node

ciscoasa_5580_firmwareMatch9.9\(2.4\)

ciscoasa_5580_firmwareMatch201.4\(1.21\)

AND

ciscoasa_5580Match-

VendorProductVersionCPE
ciscoadaptive_security_appliance_software*cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software*cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
ciscofirepower_threat_defense*cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
ciscoasa_5505-cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*
ciscoasa_5505_firmware9.9(2.4)cpe:2.3:o:cisco:asa_5505_firmware:9.9\(2.4\):*:*:*:*:*:*:*
ciscoasa_5505_firmware201.4(1.21)cpe:2.3:o:cisco:asa_5505_firmware:201.4\(1.21\):*:*:*:*:*:*:*
ciscoasa_5510-cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*
ciscoasa_5510_firmware9.9(2.4)cpe:2.3:o:cisco:asa_5510_firmware:9.9\(2.4\):*:*:*:*:*:*:*
ciscoasa_5510_firmware201.4(1.21)cpe:2.3:o:cisco:asa_5510_firmware:201.4\(1.21\):*:*:*:*:*:*:*
ciscoasa_5512-x-cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	adaptive_security_appliance_software	*	cpe:2.3:a:cisco:adaptive_security_appliance_software::::::::
cisco	adaptive_security_appliance_software	*	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
cisco	firepower_threat_defense	*	cpe:2.3:a:cisco:firepower_threat_defense::::::::
cisco	asa_5505	-	cpe:2.3:h:cisco:asa_5505:-:::::::*
cisco	asa_5505_firmware	9.9(2.4)	cpe:2.3:o:cisco:asa_5505_firmware:9.9\(2.4\):::::::*
cisco	asa_5505_firmware	201.4(1.21)	cpe:2.3:o:cisco:asa_5505_firmware:201.4\(1.21\):::::::*
cisco	asa_5510	-	cpe:2.3:h:cisco:asa_5510:-:::::::*
cisco	asa_5510_firmware	9.9(2.4)	cpe:2.3:o:cisco:asa_5510_firmware:9.9\(2.4\):::::::*
cisco	asa_5510_firmware	201.4(1.21)	cpe:2.3:o:cisco:asa_5510_firmware:201.4\(1.21\):::::::*
cisco	asa_5512-x	-	cpe:2.3:h:cisco:asa_5512-x:-:::::::*

Rows per page:

1-10 of 361

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

52.7%

JSON

Related for NVD:CVE-2019-15256

prion1 nessus2 symantec1 cvelist1 cve1 cisco1