Lucene search

CiscoCVE-2019-1750

HistoryMar 28, 2019 - 12:29 a.m.

CVE-2019-1750

2019-03-2800:29:00

CWE-388

CWE-20

cisco

web.nvd.nist.gov

cve-2019-1750

cisco

catalyst 4500

easy vss

reload

denial of service

dos

security vulnerability

nvd

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

22.5%

JSON

A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco Discovery Protocol (CDP) packets used with the Easy Virtual Switching System. An attacker could exploit this vulnerability by sending a specially crafted CDP packet. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Affected configurations

Nvd

Vulners

Node

ciscoios_xeMatch3.6.0ae

ciscoios_xeMatch3.6.0be

ciscoios_xeMatch3.6.0e

ciscoios_xeMatch3.6.1e

ciscoios_xeMatch3.6.2ae

ciscoios_xeMatch3.6.2e

ciscoios_xeMatch3.6.3e

ciscoios_xeMatch3.6.4e

ciscoios_xeMatch3.6.5ae

ciscoios_xeMatch3.6.5be

ciscoios_xeMatch3.6.5e

ciscoios_xeMatch3.6.6e

ciscoios_xeMatch3.6.7ae

ciscoios_xeMatch3.6.7be

ciscoios_xeMatch3.6.7e

ciscoios_xeMatch3.6.8e

ciscoios_xeMatch3.6.9e

ciscoios_xeMatch3.6.10e

ciscoios_xeMatch3.7.0e

ciscoios_xeMatch3.7.1e

ciscoios_xeMatch3.7.2e

ciscoios_xeMatch3.7.3e

ciscoios_xeMatch3.8.0e

ciscoios_xeMatch3.8.1e

ciscoios_xeMatch3.8.2e

ciscoios_xeMatch3.8.3e

ciscoios_xeMatch3.8.4e

ciscoios_xeMatch3.8.5ae

ciscoios_xeMatch3.8.5e

ciscoios_xeMatch3.8.6e

ciscoios_xeMatch3.8.7e

ciscoios_xeMatch3.9.0e

ciscoios_xeMatch3.9.1e

ciscoios_xeMatch3.9.2be

ciscoios_xeMatch3.9.2e

ciscoios_xeMatch3.10.0ce

ciscoios_xeMatch3.10.0e

ciscoios_xeMatch3.10.1ae

ciscoios_xeMatch3.10.1e

ciscoios_xeMatch3.10.1se

ciscoios_xeMatch3.10.2e

ciscoios_xeMatch16.9.2h

VendorProductVersionCPE
ciscoios_xe3.6.0aecpe:2.3:o:cisco:ios_xe:3.6.0ae:*:*:*:*:*:*:*
ciscoios_xe3.6.0becpe:2.3:o:cisco:ios_xe:3.6.0be:*:*:*:*:*:*:*
ciscoios_xe3.6.0ecpe:2.3:o:cisco:ios_xe:3.6.0e:*:*:*:*:*:*:*
ciscoios_xe3.6.1ecpe:2.3:o:cisco:ios_xe:3.6.1e:*:*:*:*:*:*:*
ciscoios_xe3.6.2aecpe:2.3:o:cisco:ios_xe:3.6.2ae:*:*:*:*:*:*:*
ciscoios_xe3.6.2ecpe:2.3:o:cisco:ios_xe:3.6.2e:*:*:*:*:*:*:*
ciscoios_xe3.6.3ecpe:2.3:o:cisco:ios_xe:3.6.3e:*:*:*:*:*:*:*
ciscoios_xe3.6.4ecpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*
ciscoios_xe3.6.5aecpe:2.3:o:cisco:ios_xe:3.6.5ae:*:*:*:*:*:*:*
ciscoios_xe3.6.5becpe:2.3:o:cisco:ios_xe:3.6.5be:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	3.6.0ae	cpe:2.3:o:cisco:ios_xe:3.6.0ae:::::::*
cisco	ios_xe	3.6.0be	cpe:2.3:o:cisco:ios_xe:3.6.0be:::::::*
cisco	ios_xe	3.6.0e	cpe:2.3:o:cisco:ios_xe:3.6.0e:::::::*
cisco	ios_xe	3.6.1e	cpe:2.3:o:cisco:ios_xe:3.6.1e:::::::*
cisco	ios_xe	3.6.2ae	cpe:2.3:o:cisco:ios_xe:3.6.2ae:::::::*
cisco	ios_xe	3.6.2e	cpe:2.3:o:cisco:ios_xe:3.6.2e:::::::*
cisco	ios_xe	3.6.3e	cpe:2.3:o:cisco:ios_xe:3.6.3e:::::::*
cisco	ios_xe	3.6.4e	cpe:2.3:o:cisco:ios_xe:3.6.4e:::::::*
cisco	ios_xe	3.6.5ae	cpe:2.3:o:cisco:ios_xe:3.6.5ae:::::::*
cisco	ios_xe	3.6.5be	cpe:2.3:o:cisco:ios_xe:3.6.5be:::::::*

Rows per page:

1-10 of 421

CNA Affected

[
  {
    "product": "Cisco IOS XE Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "3.6.0E"
      },
      {
        "status": "affected",
        "version": "3.6.1E"
      },
      {
        "status": "affected",
        "version": "3.6.0aE"
      },
      {
        "status": "affected",
        "version": "3.6.0bE"
      },
      {
        "status": "affected",
        "version": "3.6.2aE"
      },
      {
        "status": "affected",
        "version": "3.6.2E"
      },
      {
        "status": "affected",
        "version": "3.6.3E"
      },
      {
        "status": "affected",
        "version": "3.6.4E"
      },
      {
        "status": "affected",
        "version": "3.6.5E"
      },
      {
        "status": "affected",
        "version": "3.6.6E"
      },
      {
        "status": "affected",
        "version": "3.6.5aE"
      },
      {
        "status": "affected",
        "version": "3.6.5bE"
      },
      {
        "status": "affected",
        "version": "3.6.7E"
      },
      {
        "status": "affected",
        "version": "3.6.8E"
      },
      {
        "status": "affected",
        "version": "3.6.7aE"
      },
      {
        "status": "affected",
        "version": "3.6.7bE"
      },
      {
        "status": "affected",
        "version": "3.6.9E"
      },
      {
        "status": "affected",
        "version": "3.6.10E"
      },
      {
        "status": "affected",
        "version": "3.7.0E"
      },
      {
        "status": "affected",
        "version": "3.7.1E"
      },
      {
        "status": "affected",
        "version": "3.7.2E"
      },
      {
        "status": "affected",
        "version": "3.7.3E"
      },
      {
        "status": "affected",
        "version": "3.8.0E"
      },
      {
        "status": "affected",
        "version": "3.8.1E"
      },
      {
        "status": "affected",
        "version": "3.8.2E"
      },
      {
        "status": "affected",
        "version": "3.8.3E"
      },
      {
        "status": "affected",
        "version": "3.8.4E"
      },
      {
        "status": "affected",
        "version": "3.8.5E"
      },
      {
        "status": "affected",
        "version": "3.8.5aE"
      },
      {
        "status": "affected",
        "version": "3.8.6E"
      },
      {
        "status": "affected",
        "version": "3.8.7E"
      },
      {
        "status": "affected",
        "version": "3.9.0E"
      },
      {
        "status": "affected",
        "version": "3.9.1E"
      },
      {
        "status": "affected",
        "version": "3.9.2E"
      },
      {
        "status": "affected",
        "version": "3.9.2bE"
      },
      {
        "status": "affected",
        "version": "16.9.2h"
      },
      {
        "status": "affected",
        "version": "3.10.0E"
      },
      {
        "status": "affected",
        "version": "3.10.1E"
      },
      {
        "status": "affected",
        "version": "3.10.0cE"
      },
      {
        "status": "affected",
        "version": "3.10.2E"
      },
      {
        "status": "affected",
        "version": "3.10.1aE"
      },
      {
        "status": "affected",
        "version": "3.10.1sE"
      }
    ]
  }
]

References

www.securityfocus.com/bid/107607

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-evss

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

22.5%

JSON

Related for CVE-2019-1750