CVE-2019-1598

Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b).

Múltiples vulnerabilidades en la implementación de una funcionalidad de Lightweight Directory Access Protocol (LDAP) en los software FXOS y NX-OS de Cisco podrían permitir a un atacante remoto no autenticado provocar que un dispositivo afectado se actualice nuevamente, conduciendo a una condición de denegación de servicio (DoS). Estas vulnerabilidades se deben a un análisis sintáctico incorrecto de los paquetes LDAP de un dispositivo afectado. Un atacante podría explotar estas vulnerabilidades enviando un paquete LDAP manipulado mediante el uso de reglas denominadas "Basic Encoding Rules" (BER) a un dispositivo afectado. El paquete LDAP deberá tener una dirección IP de origen de un servidor LDAP que esté configurado en el dispositivo objetivo. Si se tiene éxito, el dispositivo afectado podría recargarse, provocando una denegación de servicio. Los firewalls de Firepower 4100 Series Next-Generation se ven afectados en versiones anteriores a las 2.0.1.201, 2.2.2.52 y 2.3.1.75. Firepower 9300 Security Appliances se ven afectados en versiones anteriores a las 2.0.1.201, 2.2.2.54 y 2.3.1.75. Los switches de MDS 9000 Series Multilayer se ven afectados en versiones anteriores a la 8.2(1). Los switches de Nexus 3000 Series se ven afectados en versiones anteriores a la 7.0(3)I7(1). Los switches de Nexus 3500 Platform se ven afectados en versiones anteriores a la 7.0(3)I7(2). Los switches de Nexus, en sus series 7000 y 7700, se ven afectados en versiones anteriores a las 6.2(20), 7.3(2)D1(1) y 8.2(1). Las versiones anteriores a la 70(3)I7(1) de Nexus 9000 Series Switches, en modo NX-OS Standalone, se ven afectadas. UCS 6200 y 6300 Fabric Interconnect, se ven afectados en versiones anteriores a la 3.2(2b).

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-12-06 CVE Reserved
2019-03-07 CVE Published
2024-07-27 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/107394	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap	2023-04-20

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Firepower Extensible Operating System Search vendor "Cisco" for product "Firepower Extensible Operating System"	>= 2.3 < 2.3.1.75 Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.3 < 2.3.1.75"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 4100 Search vendor "Cisco" for product "Firepower 4100"	-	-	Safe
Cisco Search vendor "Cisco"	Firepower Extensible Operating System Search vendor "Cisco" for product "Firepower Extensible Operating System"	>= 2.3 < 2.3.1.75 Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.3 < 2.3.1.75"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 9300 Search vendor "Cisco" for product "Firepower 9300"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.3 < 8.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 8.2\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	Mds 9000 Search vendor "Cisco" for product "Mds 9000"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i5 < 7.0\(3\)i7\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i5 < 7.0\(3\)i7\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 3000 Search vendor "Cisco" for product "Nexus 3000"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\) < 7.0\(3\)i7\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)i7\(2\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 3500 Search vendor "Cisco" for product "Nexus 3500"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 8.0 < 8.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.0 < 8.2\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 7000 Search vendor "Cisco" for product "Nexus 7000"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 8.0 < 8.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.0 < 8.2\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 7700 Search vendor "Cisco" for product "Nexus 7700"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i5 < 7.0\(3\)i7\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i5 < 7.0\(3\)i7\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 9000 Search vendor "Cisco" for product "Nexus 9000"	-	-	Safe
Cisco Search vendor "Cisco"	Firepower Extensible Operating System Search vendor "Cisco" for product "Firepower Extensible Operating System"	>= 2.1 < 2.2.2.54 Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.1 < 2.2.2.54"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 4100 Search vendor "Cisco" for product "Firepower 4100"	-	-	Safe
Cisco Search vendor "Cisco"	Firepower Extensible Operating System Search vendor "Cisco" for product "Firepower Extensible Operating System"	>= 2.1 < 2.2.2.54 Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " >= 2.1 < 2.2.2.54"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 9300 Search vendor "Cisco" for product "Firepower 9300"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.2 < 7.3\(2\)d1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.2 < 7.3\(2\)d1\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 7000 Search vendor "Cisco" for product "Nexus 7000"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.2 < 7.3\(2\)d1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.2 < 7.3\(2\)d1\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 7700 Search vendor "Cisco" for product "Nexus 7700"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	< 6.2\(20\) Search vendor "Cisco" for product "Nx-os" and version " < 6.2\(20\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 7000 Search vendor "Cisco" for product "Nexus 7000"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	< 6.2\(20\) Search vendor "Cisco" for product "Nx-os" and version " < 6.2\(20\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 7700 Search vendor "Cisco" for product "Nexus 7700"	-	-	Safe
Cisco Search vendor "Cisco"	Firepower Extensible Operating System Search vendor "Cisco" for product "Firepower Extensible Operating System"	< 2.0.1.201 Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.0.1.201"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 4100 Search vendor "Cisco" for product "Firepower 4100"	-	-	Safe
Cisco Search vendor "Cisco"	Firepower Extensible Operating System Search vendor "Cisco" for product "Firepower Extensible Operating System"	< 2.0.1.201 Search vendor "Cisco" for product "Firepower Extensible Operating System" and version " < 2.0.1.201"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 9300 Search vendor "Cisco" for product "Firepower 9300"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	< 3.2\(2b\) Search vendor "Cisco" for product "Nx-os" and version " < 3.2\(2b\)"	-	Affected	in	Cisco Search vendor "Cisco"	Ucs 6200 Search vendor "Cisco" for product "Ucs 6200"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	< 3.2\(2b\) Search vendor "Cisco" for product "Nx-os" and version " < 3.2\(2b\)"	-	Affected	in	Cisco Search vendor "Cisco"	Ucs 6300 Search vendor "Cisco" for product "Ucs 6300"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 5.2 < 6.2\(21\) Search vendor "Cisco" for product "Nx-os" and version " >= 5.2 < 6.2\(21\)"	-	Affected	in	Cisco Search vendor "Cisco"	Mds 9000 Search vendor "Cisco" for product "Mds 9000"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	< 7.0\(3\)i4\(7\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(7\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 3000 Search vendor "Cisco" for product "Nexus 3000"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	< 6.0\(2\)a8\(11\) Search vendor "Cisco" for product "Nx-os" and version " < 6.0\(2\)a8\(11\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 3500 Search vendor "Cisco" for product "Nexus 3500"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	< 7.0\(3\)i4\(7\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(7\)"	-	Affected	in	Cisco Search vendor "Cisco"	Nexus 9000 Search vendor "Cisco" for product "Nexus 9000"	-	-	Safe