Vulnerability-Lookup

CVE-2019-12647 (GCVE-0-2019-12647)

Vulnerability from cvelistv5 – Published: 2019-09-25 20:05 – Updated: 2024-11-19 18:56

Title

Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability

Summary

A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by opening a TCP connection to specific ports and sending traffic over that connection. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Severity ?

8.6 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-476

Assigner

cisco

References

URL

	Vendor	Product	Version
	Cisco	Cisco IOS	Affected: unspecified , < 12.1(12) (custom)

CVE-2019-12647

Vulnerability from fstec - Published: 25.09.2019

Title

Уязвимость реализации протокола идентификации Ident операционных систем Cisco IOS и Cisco IOS XE, позволяющая нарушителю вызвать перезагрузку уязвимого устройства

Description

Уязвимость реализации протокола идентификации Ident операционных систем Cisco IOS и Cisco IOS XE связана с разыменованием нулевого указателя. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать перезагрузку уязвимого устройства

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Vendor

Cisco Systems Inc.

Software Name

Cisco IOS, Cisco IOS XE

Software Version

12.2 (Cisco IOS), 15.3s (Cisco IOS), 16.2 (Cisco IOS XE), 3.9S (Cisco IOS XE), 3.3XO (Cisco IOS XE), 16.3 (Cisco IOS XE), 3.10S (Cisco IOS XE), 3.15S (Cisco IOS XE), 3.16S (Cisco IOS XE), 3.17S (Cisco IOS XE), 3.2SG (Cisco IOS XE), 16.4 (Cisco IOS XE), 16.5 (Cisco IOS XE), 16.6 (Cisco IOS XE), 16.7 (Cisco IOS XE), 16.8 (Cisco IOS XE), 16.9 (Cisco IOS XE), 17.2 (Cisco IOS XE), 17.3 (Cisco IOS XE), 17.4 (Cisco IOS XE), 17.5 (Cisco IOS XE), 17.6 (Cisco IOS XE), 3.7S (Cisco IOS XE), 3.8S (Cisco IOS XE), 3.11S (Cisco IOS XE), 3.12S (Cisco IOS XE), 3.13S (Cisco IOS XE), 3.6E (Cisco IOS XE), 3.14S (Cisco IOS XE), 3.18S (Cisco IOS XE), 3.18SP (Cisco IOS XE), 12.1 (Cisco IOS), 12.1XI (Cisco IOS), 12.0S (Cisco IOS), 12.2B (Cisco IOS), 12.2S (Cisco IOS), 12.2XA (Cisco IOS), 12.2XB (Cisco IOS), 12.2XG (Cisco IOS), 12.2XL (Cisco IOS), 12.2XN (Cisco IOS), 12.2YD (Cisco IOS), 12.0 (Cisco IOS), 12.0XE (Cisco IOS), 12.0XK (Cisco IOS), 12.1E (Cisco IOS), 12.1XM (Cisco IOS), 12.1YB (Cisco IOS), 12.2DD (Cisco IOS), 12.2XK (Cisco IOS), 12.0T (Cisco IOS), 12.1T (Cisco IOS), 12.1EX (Cisco IOS), 12.1EA (Cisco IOS), 12.0SZ (Cisco IOS), 12.2BW (Cisco IOS), 12.2DX (Cisco IOS), 12.2MC (Cisco IOS), 12.2MX (Cisco IOS), 12.2SZ (Cisco IOS), 12.2XU (Cisco IOS), 12.2YO (Cisco IOS), 12.2YX (Cisco IOS), 12.2YY (Cisco IOS), 12.2YZ (Cisco IOS), 12.2ZA (Cisco IOS), 12.2ZB (Cisco IOS), 12.0XT (Cisco IOS), 12.2XZ (Cisco IOS), 12.3XI (Cisco IOS), 12.2SU (Cisco IOS), 12.2SXB (Cisco IOS), 12.2SXA (Cisco IOS), 12.2SXD (Cisco IOS), 12.2ZI (Cisco IOS), 12.3YF (Cisco IOS), 12.2M (Cisco IOS), 12.2BY (Cisco IOS), 12.2XV (Cisco IOS), 12.3JA (Cisco IOS), 12.2EZ (Cisco IOS), 12.3JK (Cisco IOS), 12.2SXF (Cisco IOS), 12.2SBC (Cisco IOS), 12.2SXE (Cisco IOS), 12.3JX (Cisco IOS), 12.1GB (Cisco IOS), 12.2SB (Cisco IOS), 12.2SRA (Cisco IOS), 12.2ZV (Cisco IOS), 12.2ZW (Cisco IOS), 12.2ZT (Cisco IOS), 12.2IXA (Cisco IOS), 12.2IXB (Cisco IOS), 12.2IXC (Cisco IOS), 12.2IXD (Cisco IOS), 12.2ZU (Cisco IOS), 12.2ZY (Cisco IOS), 12.4MD (Cisco IOS), 12.2SRB (Cisco IOS), 12.2IXE (Cisco IOS), 12.2SBA (Cisco IOS), 12.2SRC (Cisco IOS), 12.2SXH (Cisco IOS), 12.2IRA (Cisco IOS), 12.2IRB (Cisco IOS), 12.2IXG (Cisco IOS), 12.2IXF (Cisco IOS), 12.2SCB (Cisco IOS), 12.2SRD (Cisco IOS), 12.2SXI (Cisco IOS), 12.2ZYA (Cisco IOS), 12.4JY (Cisco IOS), 12.2IRC (Cisco IOS), 12.2IXH (Cisco IOS), 12.2SCC (Cisco IOS), 12.2SCD (Cisco IOS), 12.2SRE (Cisco IOS), 15.0S (Cisco IOS), 12.2IRD (Cisco IOS), 12.2IRE (Cisco IOS), 15.2S (Cisco IOS), 15.0EY (Cisco IOS), 12.3M (Cisco IOS), 12.2SBK (Cisco IOS), 12.2ZZ (Cisco IOS), 15.1S (Cisco IOS), 12.2IRF (Cisco IOS), 15.0SY (Cisco IOS), 12.2SXJ (Cisco IOS), 12.2SCF (Cisco IOS), 12.2SCE (Cisco IOS), 15.0SG (Cisco IOS), 12.2IRG (Cisco IOS), 15.0EX (Cisco IOS), 12.2SCG (Cisco IOS), 12.2IRH (Cisco IOS), 15.1SY (Cisco IOS), 12.2SCH (Cisco IOS), 15.4S (Cisco IOS), 15.2JAX (Cisco IOS), 15.2SC (Cisco IOS), 15.2SY (Cisco IOS), 15.2JAZ (Cisco IOS), 15.5S (Cisco IOS), 12.2SCI (Cisco IOS), 15.3JAA (Cisco IOS), 15.3SY (Cisco IOS), 12.2SCJ (Cisco IOS), 15.6SP (Cisco IOS), 15.4SY (Cisco IOS), 15.5SY (Cisco IOS)

Possible Mitigations

Использование рекомендаций: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos

CWE

CWE-476

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "12.2 (Cisco IOS), 15.3s (Cisco IOS), 16.2 (Cisco IOS XE), 3.9S (Cisco IOS XE), 3.3XO (Cisco IOS XE), 16.3 (Cisco IOS XE), 3.10S (Cisco IOS XE), 3.15S (Cisco IOS XE), 3.16S (Cisco IOS XE), 3.17S (Cisco IOS XE), 3.2SG (Cisco IOS XE), 16.4 (Cisco IOS XE), 16.5 (Cisco IOS XE), 16.6 (Cisco IOS XE), 16.7 (Cisco IOS XE), 16.8 (Cisco IOS XE), 16.9 (Cisco IOS XE), 17.2 (Cisco IOS XE), 17.3 (Cisco IOS XE), 17.4 (Cisco IOS XE), 17.5 (Cisco IOS XE), 17.6 (Cisco IOS XE), 3.7S (Cisco IOS XE), 3.8S (Cisco IOS XE), 3.11S (Cisco IOS XE), 3.12S (Cisco IOS XE), 3.13S (Cisco IOS XE), 3.6E (Cisco IOS XE), 3.14S (Cisco IOS XE), 3.18S (Cisco IOS XE), 3.18SP (Cisco IOS XE), 12.1 (Cisco IOS), 12.1XI (Cisco IOS), 12.0S (Cisco IOS), 12.2B (Cisco IOS), 12.2S (Cisco IOS), 12.2XA (Cisco IOS), 12.2XB (Cisco IOS), 12.2XG (Cisco IOS), 12.2XL (Cisco IOS), 12.2XN (Cisco IOS), 12.2YD (Cisco IOS), 12.0 (Cisco IOS), 12.0XE (Cisco IOS), 12.0XK (Cisco IOS), 12.1E (Cisco IOS), 12.1XM (Cisco IOS), 12.1YB (Cisco IOS), 12.2DD (Cisco IOS), 12.2XK (Cisco IOS), 12.0T (Cisco IOS), 12.1T (Cisco IOS), 12.1EX (Cisco IOS), 12.1EA (Cisco IOS), 12.0SZ (Cisco IOS), 12.2BW (Cisco IOS), 12.2DX (Cisco IOS), 12.2MC (Cisco IOS), 12.2MX (Cisco IOS), 12.2SZ (Cisco IOS), 12.2XU (Cisco IOS), 12.2YO (Cisco IOS), 12.2YX (Cisco IOS), 12.2YY (Cisco IOS), 12.2YZ (Cisco IOS), 12.2ZA (Cisco IOS), 12.2ZB (Cisco IOS), 12.0XT (Cisco IOS), 12.2XZ (Cisco IOS), 12.3XI (Cisco IOS), 12.2SU (Cisco IOS), 12.2SXB (Cisco IOS), 12.2SXA (Cisco IOS), 12.2SXD (Cisco IOS), 12.2ZI (Cisco IOS), 12.3YF (Cisco IOS), 12.2M (Cisco IOS), 12.2BY (Cisco IOS), 12.2XV (Cisco IOS), 12.3JA (Cisco IOS), 12.2EZ (Cisco IOS), 12.3JK (Cisco IOS), 12.2SXF (Cisco IOS), 12.2SBC (Cisco IOS), 12.2SXE (Cisco IOS), 12.3JX (Cisco IOS), 12.1GB (Cisco IOS), 12.2SB (Cisco IOS), 12.2SRA (Cisco IOS), 12.2ZV (Cisco IOS), 12.2ZW (Cisco IOS), 12.2ZT (Cisco IOS), 12.2IXA (Cisco IOS), 12.2IXB (Cisco IOS), 12.2IXC (Cisco IOS), 12.2IXD (Cisco IOS), 12.2ZU (Cisco IOS), 12.2ZY (Cisco IOS), 12.4MD (Cisco IOS), 12.2SRB (Cisco IOS), 12.2IXE (Cisco IOS), 12.2SBA (Cisco IOS), 12.2SRC (Cisco IOS), 12.2SXH (Cisco IOS), 12.2IRA (Cisco IOS), 12.2IRB (Cisco IOS), 12.2IXG (Cisco IOS), 12.2IXF (Cisco IOS), 12.2SCB (Cisco IOS), 12.2SRD (Cisco IOS), 12.2SXI (Cisco IOS), 12.2ZYA (Cisco IOS), 12.4JY (Cisco IOS), 12.2IRC (Cisco IOS), 12.2IXH (Cisco IOS), 12.2SCC (Cisco IOS), 12.2SCD (Cisco IOS), 12.2SRE (Cisco IOS), 15.0S (Cisco IOS), 12.2IRD (Cisco IOS), 12.2IRE (Cisco IOS), 15.2S (Cisco IOS), 15.0EY (Cisco IOS), 12.3M (Cisco IOS), 12.2SBK (Cisco IOS), 12.2ZZ (Cisco IOS), 15.1S (Cisco IOS), 12.2IRF (Cisco IOS), 15.0SY (Cisco IOS), 12.2SXJ (Cisco IOS), 12.2SCF (Cisco IOS), 12.2SCE (Cisco IOS), 15.0SG (Cisco IOS), 12.2IRG (Cisco IOS), 15.0EX (Cisco IOS), 12.2SCG (Cisco IOS), 12.2IRH (Cisco IOS), 15.1SY (Cisco IOS), 12.2SCH (Cisco IOS), 15.4S (Cisco IOS), 15.2JAX (Cisco IOS), 15.2SC (Cisco IOS), 15.2SY (Cisco IOS), 15.2JAZ (Cisco IOS), 15.5S (Cisco IOS), 12.2SCI (Cisco IOS), 15.3JAA (Cisco IOS), 15.3SY (Cisco IOS), 12.2SCJ (Cisco IOS), 15.6SP (Cisco IOS), 15.4SY (Cisco IOS), 15.5SY (Cisco IOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "25.09.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "03.10.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-03435",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-12647",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco IOS, Cisco IOS XE",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Ident \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Cisco IOS \u0438 Cisco IOS XE, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f NULL (CWE-476)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Ident \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Cisco IOS \u0438 Cisco IOS XE \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-476",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}

FKIE_CVE-2019-12647

Vulnerability from fkie_nvd - Published: 2019-09-25 20:15 - Updated: 2024-11-21 04:23

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios_xe	fuji-16.7.1
cisco	ios_xe	fuji-16.8.1
cisco	1100	-
cisco	4221	-
cisco	4321	-
cisco	4351	-
cisco	4431	-
cisco	4451-x	-
cisco	asr_1000	-
cisco	asr_1001-hx	-
cisco	asr_1001-x	-
cisco	asr_1002-hx	-
cisco	asr_1002-x	-
cisco	asr_900	-
cisco	asr_920-10sz-pd	-
cisco	asr_920-12cz-a	-
cisco	asr_920-12cz-d	-
cisco	asr_920-12sz-im	-
cisco	asr_920-24sz-im	-
cisco	asr_920-24sz-m	-
cisco	asr_920-24tz-m	-
cisco	asr_920-4sz-a	-
cisco	asr_920-4sz-d	-
cisco	cloud_services_router_1000v	-
cisco	ncs_4201	-
cisco	ncs_4202	-
cisco	ncs_4206	-
cisco	ncs_4216	-
cisco	network_convergence_system_520	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:fuji-16.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF365C26-BBA0-44DE-9822-AC23CDC273A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:fuji-16.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF8FE6A-F644-44A9-8422-6C67214B221B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC042678-29AA-44F7-BBF0-1D752D25687D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FCB8187-4527-4EB5-8699-AD706FDF6991",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7564AE6-693E-4976-8420-6D1E968DA756",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A779A8-21BD-4DC9-AA86-F7E6A62BB945",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3703BD40-2107-4255-819B-61E8CFE70DD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B8B210-127D-4006-AED5-90E76EEDED93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE110B5-CC6E-4103-9983-4195BCC28165",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FE4D129-435B-45DD-838D-4017BD94DF93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD45D77-4097-4AFB-98DF-5B8188316C20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D989205A-0576-415C-935E-E83AD42FD1CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C3EB40-574A-48F7-A679-90F62ED976B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85489F69-EAF0-4971-8C93-36838A8AA00E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CCB8270-A01D-40A6-BF4B-26BAF65E68F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41C5ECF8-EFFE-4C27-8DCB-2533BFD5200F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C23248-3D61-4BAF-9602-BA31FB4374DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4206:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C36494B4-8E2D-4399-97B5-725792BD5C45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0819EF17-5102-45FF-96AD-85BE17FD6921",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:network_convergence_system_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7A35D05-30AC-460F-ADBF-5B7EB0801ACD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by opening a TCP connection to specific ports and sending traffic over that connection. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el manejador del protocolo Ident de los Software Cisco IOS y IOS XE, podr\u00eda permitir a un atacante remoto no autenticado causar la recarga de un dispositivo afectado. La vulnerabilidad se presenta porque el software afectado maneja incorrectamente las estructuras de la memoria, lo que conlleva a una desreferencia del puntero NULL. Un atacante podr\u00eda explotar esta vulnerabilidad abriendo una conexi\u00f3n TCP en puertos espec\u00edficos y mediante el env\u00edo de tr\u00e1fico por medio de \u00e9sta conexi\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo afectado se recargue, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
    }
  ],
  "id": "CVE-2019-12647",
  "lastModified": "2024-11-21T04:23:15.310",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-09-25T20:15:10.417",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-RHG8-M3M4-VCQG

Vulnerability from github – Published: 2022-05-24 16:56 – Updated: 2024-04-04 01:59

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-12647"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-25T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by opening a TCP connection to specific ports and sending traffic over that connection. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.",
  "id": "GHSA-rhg8-m3m4-vcqg",
  "modified": "2024-04-04T01:59:44Z",
  "published": "2022-05-24T16:56:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12647"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2019-12647

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-12647

Aliases

CVE-2019-12647

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-12647",
    "description": "A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by opening a TCP connection to specific ports and sending traffic over that connection. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.",
    "id": "GSD-2019-12647"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-12647"
      ],
      "details": "A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by opening a TCP connection to specific ports and sending traffic over that connection. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.",
      "id": "GSD-2019-12647",
      "modified": "2023-12-13T01:23:43.975751Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2019-09-25T16:00:00-0700",
        "ID": "CVE-2019-12647",
        "STATE": "PUBLIC",
        "TITLE": "Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco IOS",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_value": "12.1(12)"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by opening a TCP connection to specific ports and sending traffic over that connection. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "impact": {
        "cvss": {
          "baseScore": "8.6",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-476"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20190925 Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-20190925-identd-dos",
        "defect": [
          [
            "CSCvm01689"
          ]
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:fuji-16.8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:fuji-16.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:4451-x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:4351:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ncs_4201:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:4221:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ncs_4202:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ncs_4206:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:1100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:4321:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:4431:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ncs_4216:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:network_convergence_system_520:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2019-12647"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by opening a TCP connection to specific ports and sending traffic over that connection. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-476"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190925 Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-09T23:45Z",
      "publishedDate": "2019-09-25T20:15Z"
    }
  }
}

CERTFR-2019-AVI-468

Vulnerability from certfr_avis - Published: 2019-09-26 - Updated: 2019-09-26

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS	Cisco IOS Gateways with Session Initiation Protocol (SIP)
Cisco	N/A	Cisco Business Edition 4000 (BE4K)
Cisco	N/A	Cisco Catalyst 4500 Supervisor Engine 6L-E
Cisco	N/A	Cisco Cloud Services Router (CSR) 1000V Series
Cisco	N/A	Cisco Enterprise Network Compute System (ENCS)
Cisco	N/A	Cisco TDM Gateways
Cisco	N/A	Cisco Catalyst 4948E-F Ethernet Switch
Cisco	N/A	Cisco Catalyst 4500 Supervisor Engine 6-E
Cisco	N/A	Cisco Unified Survivable Remote Site Telephony (SRST)
Cisco	N/A	Cisco Catalyst 4948E Ethernet Switch
Cisco	IOS XE	Cisco ASR 900 Series routers avec Cisco IOS XE version 16.9 configuré en tant que serveur Raw Socket TCP
Cisco	IOS	Cisco Industrial Ethernet 4000 Series Switches: Cisco IOS Software versions antérieures à 15.2(7)E
Cisco	N/A	Cisco 800 Series Industrial Integrated Services Routers et Cisco 1000 Series Connected Grid Routers (CGR 1000)
Cisco	N/A	Cisco Unified Border Element (CUBE)
Cisco	IOS XE	Cisco IOS et IOS XE (voir sur le site du constructeur pour les versions vulnérables)
Cisco	N/A	Cisco Catalyst 4900M Switch
Cisco	N/A	Cisco IC3000 Industrial Compute Gateway: Industrial Compute Gateway Software versions antérieures à 1.1.1
Cisco	N/A	Cisco CGR 1000 Compute Module: CGR 1000 IOx Compute Platform Firmware
Cisco	N/A	Cisco Integrated Services Virtual Router (ISRv)
Cisco	N/A	Cisco Catalyst 3850 et 9300 Series Switches
Cisco	N/A	Cisco 1100, 4200 et 4300 Integrated Services Routers (ISRs)
Cisco	Unified Communications Manager	Cisco Unified Communications Manager Express (CME)
Cisco	N/A	Cisco 510 WPAN Industrial Router: Industrial Routers Operating System Software versions antérieures à 6.1.27

References

Title

Publication Time

CNVD-2019-46435

Vulnerability from cnvd - Published: 2019-12-20

Title

Cisco IOS和IOS XE IP Ident拒绝服务漏洞

Description

Cisco IOS和IOS XE都是美国思科（Cisco）公司的一套为其网络设备开发的操作系统。 Cisco IOS和IOS XE中的Ident protocol handler存在拒绝服务漏洞，该漏洞源于程序未能正确处理内存结构。远程攻击者可通过打开TCP连接并通过该连接发送流量利用该漏洞造成拒绝服务。

Severity

高

Patch Name

Cisco IOS和IOS XE IP Ident拒绝服务漏洞的补丁

Patch Description

Cisco IOS和IOS XE都是美国思科（Cisco）公司的一套为其网络设备开发的操作系统。 Cisco IOS和IOS XE中的Ident protocol handler存在拒绝服务漏洞，该漏洞源于程序未能正确处理内存结构。远程攻击者可通过打开TCP连接并通过该连接发送流量利用该漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos

Impacted products

Name
['Cisco IOS XE', 'Cisco IOS']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-12647",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-12647"
    }
  },
  "description": "Cisco IOS\u548cIOS XE\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nCisco IOS\u548cIOS XE\u4e2d\u7684Ident protocol handler\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5904\u7406\u5185\u5b58\u7ed3\u6784\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6253\u5f00TCP\u8fde\u63a5\u5e76\u901a\u8fc7\u8be5\u8fde\u63a5\u53d1\u9001\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-46435",
  "openTime": "2019-12-20",
  "patchDescription": "Cisco IOS\u548cIOS XE\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS\u548cIOS XE\u4e2d\u7684Ident protocol handler\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5904\u7406\u5185\u5b58\u7ed3\u6784\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6253\u5f00TCP\u8fde\u63a5\u5e76\u901a\u8fc7\u8be5\u8fde\u63a5\u53d1\u9001\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IOS\u548cIOS XE IP Ident\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco IOS XE",
      "Cisco IOS"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos",
  "serverity": "\u9ad8",
  "submitTime": "2019-09-26",
  "title": "Cisco IOS\u548cIOS XE IP Ident\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-12647 (GCVE-0-2019-12647)

CVE-2019-12647

FKIE_CVE-2019-12647

GHSA-RHG8-M3M4-VCQG

GSD-2019-12647

CERTFR-2019-AVI-468

Solution

CNVD-2019-46435

Tags

Sightings

Nomenclature