7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
52.3%
Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next- Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b).
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501294);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/26");
script_cve_id("CVE-2019-1598");
script_name(english:"Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service (CVE-2019-1598)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Multiple vulnerabilities in the implementation of the Lightweight
Directory Access Protocol (LDAP) feature in Cisco FXOS Software and
Cisco NX-OS Software could allow an unauthenticated, remote attacker
to cause an affected device to reload, resulting in a denial of
service (DoS) condition. The vulnerabilities are due to the improper
parsing of LDAP packets by an affected device. An attacker could
exploit these vulnerabilities by sending an LDAP packet crafted using
Basic Encoding Rules (BER) to an affected device. The LDAP packet must
have a source IP address of an LDAP server configured on the targeted
device. A successful exploit could cause the affected device to
reload, resulting in a DoS condition. Firepower 4100 Series Next-
Generation Firewalls are affected in versions prior to 2.0.1.201,
2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are
affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS
9000 Series Multilayer Switches are affected in versions prior to
8.2(1). Nexus 3000 Series Switches are affected in versions prior to
7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions
prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected
in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000
Series Switches in Standalone NX-OS Mode are affected in versions
prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are
affected in versions prior to 3.2(2b).
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?453a1923");
script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/107394");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1598");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20);
script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/07");
script_set_attribute(attribute:"patch_publication_date", value:"2019/03/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/25");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:3");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:7");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:8");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Cisco");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Cisco');
var asset = tenable_ot::assets::get(vendor:'Cisco');
var vuln_cpes = {
"cpe:/o:cisco:nx-os:8.2%281%29" :
{"versionEndExcluding" : "8.2%281%29", "versionStartIncluding" : "7.3", "family" : "NXOS"},
"cpe:/o:cisco:nx-os:7.0%283%29i7%282%29" :
{"versionEndExcluding" : "7.0%283%29i7%282%29", "versionStartIncluding" : "7.0%283%29", "family" : "NXOS"},
"cpe:/o:cisco:nx-os:7.3%282%29d1%281%29" :
{"versionEndExcluding" : "7.3%282%29d1%281%29", "versionStartIncluding" : "7.2", "family" : "NXOS"},
"cpe:/o:cisco:nx-os:6.2%2820%29" :
{"versionEndExcluding" : "6.2%2820%29", "family" : "NXOS"},
"cpe:/o:cisco:nx-os:3.2%282b%29" :
{"versionEndExcluding" : "3.2%282b%29", "family" : "NXOS"},
"cpe:/o:cisco:nx-os:6.2%2821%29" :
{"versionEndExcluding" : "6.2%2821%29", "versionStartIncluding" : "5.2", "family" : "NXOS"},
"cpe:/o:cisco:nx-os:7.0%283%29i4%287%29" :
{"versionEndExcluding" : "7.0%283%29i4%287%29", "family" : "NXOS"},
"cpe:/o:cisco:nx-os:6.0%282%29a8%2811%29" :
{"versionEndExcluding" : "6.0%282%29a8%2811%29", "family" : "NXOS"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
52.3%