CVE-2019-16026

Cisco Mobility Management Entity Denial of Service Vulnerability

Severity Score

5.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.

Una vulnerabilidad en la implementación del Stream Control Transmission Protocol (SCTP) en Cisco Mobility Management Entity (MME), podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un eNodeB que esté conectado en un dispositivo afectado. La vulnerabilidad es debido a una comprobación de entrada insuficiente del tráfico SCTP. Un atacante podría explotar esta vulnerabilidad mediante el aprovechamiento de una posición de tipo man-in-the-middle entre el eNodeB y el MME y luego enviar un mensaje SCTP diseñado hacia el MME. Una explotación con éxito causaría que el MME dejara de enviar mensajes SCTP hacia el eNodeB, desencadenando una condición DoS.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-09-06 CVE Reserved
2020-01-26 CVE Published
2023-03-07 EPSS Updated
2024-09-17 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos	2020-01-31

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Staros Search vendor "Cisco" for product "Staros"	< 21.16.1 Search vendor "Cisco" for product "Staros" and version " < 21.16.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5000 Search vendor "Cisco" for product "Asr 5000"	-	-	Safe
Cisco Search vendor "Cisco"	Staros Search vendor "Cisco" for product "Staros"	< 21.16.1 Search vendor "Cisco" for product "Staros" and version " < 21.16.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5500 Search vendor "Cisco" for product "Asr 5500"	-	-	Safe
Cisco Search vendor "Cisco"	Staros Search vendor "Cisco" for product "Staros"	< 21.16.1 Search vendor "Cisco" for product "Staros" and version " < 21.16.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5700 Search vendor "Cisco" for product "Asr 5700"	-	-	Safe