// For flags

CVE-2019-1597

Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54 and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). Cisco UCS 6200 and 6300 Fabric Interconnect devices are affected in versions prior to 3.2(2b).

Múltiples vulnerabilidades en la implementación de una funcionalidad de Lightweight Directory Access Protocol (LDAP) en los software FXOS y NX-OS de Cisco podrían permitir a un atacante remoto no autenticado provocar que un dispositivo afectado se actualice nuevamente, conduciendo a una condición de denegación de servicio (DoS). Estas vulnerabilidades se deben a un análisis sintáctico incorrecto de los paquetes LDAP de un dispositivo afectado. Un atacante podría explotar estas vulnerabilidades enviando un paquete LDAP manipulado mediante el uso de reglas denominadas "Basic Encoding Rules" (BER) a un dispositivo afectado. El paquete LDAP deberá tener una dirección IP de origen de un servidor LDAP que esté configurado en el dispositivo objetivo. Si se tiene éxito, el dispositivo afectado podría recargarse, provocando una denegación de servicio. Los firewalls de Firepower 4100 Series Next-Generation se ven afectados en versiones anteriores a las 2.0.1.201, 2.2.2.52 y 2.3.1.75. Firepower 9300 Security Appliances se ven afectados en versiones anteriores a las 2.0.1.201, 2.2.2.52 y 2.3.1.75. Los switches de MDS 9000 Series Multilayer se ven afectados en versiones anteriores a la 8.2(1). Los switches de Nexus 3000 Series se ven afectados en versiones anteriores a la 7.0(3)I7(1). Los switches de Nexus 3500 Platform se ven afectados en versiones anteriores a la 7.0(3)I7(2). Los switches de Nexus, en sus series 7000 y 7700, se ven afectados en versiones anteriores a la 8.2(1). Las versiones anteriores a la 70(3)I7(1) de Nexus 9000 Series Switches, en modo NX-OS, se ven afectadas. Los dispositivos Cisco UCS 6200 y 6300 Fabric Interconnect, se ven afectados en versiones anteriores a la 3.2(2b).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2018-12-06 CVE Reserved
  • 2019-03-07 CVE Published
  • 2024-10-24 EPSS Updated
  • 2024-11-19 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
> 2.2.2.54 < 2.3.1.75
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " > 2.2.2.54 < 2.3.1.75"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4100
Search vendor "Cisco" for product "Firepower 4100"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
> 2.2.2.54 < 2.3.1.75
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " > 2.2.2.54 < 2.3.1.75"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300
Search vendor "Cisco" for product "Firepower 9300"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
< 8.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version " < 8.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9000
Search vendor "Cisco" for product "Mds 9000"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
< 7.0\(3\)i7\(1\)
Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i7\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 3000
Search vendor "Cisco" for product "Nexus 3000"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
< 7.0\(3\)i7\(2\)
Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i7\(2\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 3500
Search vendor "Cisco" for product "Nexus 3500"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
> 7.3\(2\)d1\(1\) < 8.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version " > 7.3\(2\)d1\(1\) < 8.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 7000
Search vendor "Cisco" for product "Nexus 7000"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
> 7.3\(2\)d1\(1\) < 8.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version " > 7.3\(2\)d1\(1\) < 8.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 7700
Search vendor "Cisco" for product "Nexus 7700"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
< 7.0\(3\)i7\(1\)
Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i7\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 9000
Search vendor "Cisco" for product "Nexus 9000"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
> 2.0.1.201 < 2.2.2.54
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " > 2.0.1.201 < 2.2.2.54"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4100
Search vendor "Cisco" for product "Firepower 4100"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
> 2.0.1.201 < 2.2.2.54
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " > 2.0.1.201 < 2.2.2.54"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300
Search vendor "Cisco" for product "Firepower 9300"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
> 6.2\(20\) < 7.3\(2\)d1\(1\)
Search vendor "Cisco" for product "Nx-os" and version " > 6.2\(20\) < 7.3\(2\)d1\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 7000
Search vendor "Cisco" for product "Nexus 7000"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
> 6.2\(20\) < 7.3\(2\)d1\(1\)
Search vendor "Cisco" for product "Nx-os" and version " > 6.2\(20\) < 7.3\(2\)d1\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 7700
Search vendor "Cisco" for product "Nexus 7700"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
< 6.2\(20\)
Search vendor "Cisco" for product "Nx-os" and version " < 6.2\(20\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 7000
Search vendor "Cisco" for product "Nexus 7000"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
< 6.2\(20\)
Search vendor "Cisco" for product "Nx-os" and version " < 6.2\(20\)"
-
Affected
in Cisco
Search vendor "Cisco"
Nexus 7700
Search vendor "Cisco" for product "Nexus 7700"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.0.1.201
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.0.1.201"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 4100
Search vendor "Cisco" for product "Firepower 4100"
--
Safe
Cisco
Search vendor "Cisco"
Firepower Extensible Operating System
Search vendor "Cisco" for product "Firepower Extensible Operating System"
< 2.0.1.201
Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.0.1.201"
-
Affected
in Cisco
Search vendor "Cisco"
Firepower 9300
Search vendor "Cisco" for product "Firepower 9300"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
< 3.2\(2b\)
Search vendor "Cisco" for product "Nx-os" and version " < 3.2\(2b\)"
-
Affected
in Cisco
Search vendor "Cisco"
Ucs 6200
Search vendor "Cisco" for product "Ucs 6200"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
< 3.2\(2b\)
Search vendor "Cisco" for product "Nx-os" and version " < 3.2\(2b\)"
-
Affected
in Cisco
Search vendor "Cisco"
Ucs 6300
Search vendor "Cisco" for product "Ucs 6300"
--
Safe