CVE-2019-1684

Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected.

Una vulnerabilidad en la implementación de Cisco Discovery Protocol o en Link Layer Discovery Protocol (LLDP) en Cisco IP Phone 7800 and 8800 Series podría permitir que un atacante adyacente no autenticado provoque que un teléfono afectado se recargue inesperadamente, lo que resulta en una condición temporal de denegación de servicio (DoS). Esta vulnerabilidad se debe a la falta de una validación de longitud de determinados campos de cabeceras de paquetes Cisco Discovery Protocol o LLDP. Un atacante podría explotar esta vulnerabilidad enviando un paquete Cisco Discovery Protocol o LLDP malicioso al teléfono objetivo. Si se explota con éxito, podría permitir que el atacante consiga que el teléfono afectado se reinicie, provocando una denegación de servicio (DoS) temporal. Todas las versiones anteriores a la 12.6(1)MN80 se ven afectadas.

*Credits: N/A

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Adjacent

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-12-06 CVE Reserved
2019-02-21 CVE Published
2024-07-13 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-399: Resource Management Errors

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/107104	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos	2020-10-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Ip Phone 8800 Firmware Search vendor "Cisco" for product "Ip Phone 8800 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 8800 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8800 Search vendor "Cisco" for product "Ip Phone 8800"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7800 Firmware Search vendor "Cisco" for product "Ip Phone 7800 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 7800 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7800 Search vendor "Cisco" for product "Ip Phone 7800"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Conference Phone 7832 Firmware Search vendor "Cisco" for product "Ip Conference Phone 7832 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Conference Phone 7832 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Conference Phone 7832 Search vendor "Cisco" for product "Ip Conference Phone 7832"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Conference Phone 8832 Firmware Search vendor "Cisco" for product "Ip Conference Phone 8832 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Conference Phone 8832 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Conference Phone 8832 Search vendor "Cisco" for product "Ip Conference Phone 8832"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7811 Firmware Search vendor "Cisco" for product "Ip Phone 7811 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 7811 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7811 Search vendor "Cisco" for product "Ip Phone 7811"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7821 Firmware Search vendor "Cisco" for product "Ip Phone 7821 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 7821 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7821 Search vendor "Cisco" for product "Ip Phone 7821"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7841 Firmware Search vendor "Cisco" for product "Ip Phone 7841 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 7841 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7841 Search vendor "Cisco" for product "Ip Phone 7841"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7861 Firmware Search vendor "Cisco" for product "Ip Phone 7861 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 7861 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7861 Search vendor "Cisco" for product "Ip Phone 7861"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8811 Firmware Search vendor "Cisco" for product "Ip Phone 8811 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 8811 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8811 Search vendor "Cisco" for product "Ip Phone 8811"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8841 Firmware Search vendor "Cisco" for product "Ip Phone 8841 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 8841 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8841 Search vendor "Cisco" for product "Ip Phone 8841"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8845 Firmware Search vendor "Cisco" for product "Ip Phone 8845 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 8845 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8845 Search vendor "Cisco" for product "Ip Phone 8845"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8851 Firmware Search vendor "Cisco" for product "Ip Phone 8851 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 8851 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8851 Search vendor "Cisco" for product "Ip Phone 8851"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8861 Firmware Search vendor "Cisco" for product "Ip Phone 8861 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 8861 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8861 Search vendor "Cisco" for product "Ip Phone 8861"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8865 Firmware Search vendor "Cisco" for product "Ip Phone 8865 Firmware"	< 12.6\(1\)mn80 Search vendor "Cisco" for product "Ip Phone 8865 Firmware" and version " < 12.6\(1\)mn80"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8865 Search vendor "Cisco" for product "Ip Phone 8865"	-	-	Safe