{"containers": {"cna": {"affected": [{"product": "Firepower 4100 Series Next-Generation Firewalls", "vendor": "Cisco", "versions": [{"lessThan": "2.0.1.201", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "2.2.2.54", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "2.3.1.75", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firepower 9300 Security Appliance", "vendor": "Cisco", "versions": [{"lessThan": "2.0.1.201", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "2.2.2.54", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "2.3.1.75", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "MDS 9000 Series Multilayer Switches", "vendor": "Cisco", "versions": [{"lessThan": "8.2(1)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Nexus 3000 Series Switches", "vendor": "Cisco", "versions": [{"lessThan": "7.0(3)I7(1)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Nexus 3500 Platform Switches", "vendor": "Cisco", "versions": [{"lessThan": "7.0(3)I7(2)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Nexus 7000 and 7700 Series Switches", "vendor": "Cisco", "versions": [{"lessThan": "6.2(20)", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "7.3(2)D1(1)", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "8.2(1)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Nexus 9000 Series Switches in Standalone NX-OS Mode", "vendor": "Cisco", "versions": [{"lessThan": "7.0(3)I7(1)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "UCS 6200 and 6300 Fabric Interconnect", "vendor": "Cisco", "versions": [{"lessThan": "3.2(2b)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2019-03-06T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b)."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-03-14T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20190306 Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap"}, {"name": "107394", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/107394"}], "source": {"advisory": "cisco-sa-20190306-nxosldap", "defect": [["CSCvd40241", "CSCvd57308", "CSCve02855", "CSCve02858", "CSCve02865", "CSCve02867", "CSCve02871", "CSCve57816", "CSCve57820", "CSCve58224"]], "discovery": "INTERNAL"}, "title": "Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-03-06T16:00:00-0800", "ID": "CVE-2019-1598", "STATE": "PUBLIC", "TITLE": "Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firepower 4100 Series Next-Generation Firewalls", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "2.0.1.201"}, {"affected": "<", "version_affected": "<", "version_value": "2.2.2.54"}, {"affected": "<", "version_affected": "<", "version_value": "2.3.1.75"}]}}, {"product_name": "Firepower 9300 Security Appliance", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "2.0.1.201"}, {"affected": "<", "version_affected": "<", "version_value": "2.2.2.54"}, {"affected": "<", "version_affected": "<", "version_value": "2.3.1.75"}]}}, {"product_name": "MDS 9000 Series Multilayer Switches", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "8.2(1)"}]}}, {"product_name": "Nexus 3000 Series Switches", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "7.0(3)I7(1)"}]}}, {"product_name": "Nexus 3500 Platform Switches", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "7.0(3)I7(2)"}]}}, {"product_name": "Nexus 7000 and 7700 Series Switches", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "6.2(20)"}, {"affected": "<", "version_affected": "<", "version_value": "7.3(2)D1(1)"}, {"affected": "<", "version_affected": "<", "version_value": "8.2(1)"}]}}, {"product_name": "Nexus 9000 Series Switches in Standalone NX-OS Mode", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "7.0(3)I7(1)"}]}}, {"product_name": "UCS 6200 and 6300 Fabric Interconnect", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "3.2(2b)"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b)."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "impact": {"cvss": {"baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20190306 Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap"}, {"name": "107394", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107394"}]}, "source": {"advisory": "cisco-sa-20190306-nxosldap", "defect": [["CSCvd40241", "CSCvd57308", "CSCve02855", "CSCve02858", "CSCve02865", "CSCve02867", "CSCve02871", "CSCve57816", "CSCve57820", "CSCve58224"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:20:28.318Z"}, "title": "CVE Program Container", "references": [{"name": "20190306 Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap"}, {"name": "107394", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/107394"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-19T17:25:20.750979Z", "id": "CVE-2019-1598", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T19:15:50.651Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1598", "datePublished": "2019-03-07T20:00:00Z", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T19:15:50.651Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap", "name": "20190306 Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/107394", "name": "107394", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:20:28.318Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-1598", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-19T17:25:20.750979Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T17:25:49.616Z"}}], "cna": {"title": "Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "source": {"defect": [["CSCvd40241", "CSCvd57308", "CSCve02855", "CSCve02858", "CSCve02865", "CSCve02867", "CSCve02871", "CSCve57816", "CSCve57820", "CSCve58224"]], "advisory": "cisco-sa-20190306-nxosldap", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Firepower 4100 Series Next-Generation Firewalls", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "2.0.1.201", "versionType": "custom"}, {"status": "affected", "version": "unspecified", "lessThan": "2.2.2.54", "versionType": "custom"}, {"status": "affected", "version": "unspecified", "lessThan": "2.3.1.75", "versionType": "custom"}]}, {"vendor": "Cisco", "product": "Firepower 9300 Security Appliance", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "2.0.1.201", "versionType": "custom"}, {"status": "affected", "version": "unspecified", "lessThan": "2.2.2.54", "versionType": "custom"}, {"status": "affected", "version": "unspecified", "lessThan": "2.3.1.75", "versionType": "custom"}]}, {"vendor": "Cisco", "product": "MDS 9000 Series Multilayer Switches", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "8.2(1)", "versionType": "custom"}]}, {"vendor": "Cisco", "product": "Nexus 3000 Series Switches", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "7.0(3)I7(1)", "versionType": "custom"}]}, {"vendor": "Cisco", "product": "Nexus 3500 Platform Switches", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "7.0(3)I7(2)", "versionType": "custom"}]}, {"vendor": "Cisco", "product": "Nexus 7000 and 7700 Series Switches", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "6.2(20)", "versionType": "custom"}, {"status": "affected", "version": "unspecified", "lessThan": "7.3(2)D1(1)", "versionType": "custom"}, {"status": "affected", "version": "unspecified", "lessThan": "8.2(1)", "versionType": "custom"}]}, {"vendor": "Cisco", "product": "Nexus 9000 Series Switches in Standalone NX-OS Mode", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "7.0(3)I7(1)", "versionType": "custom"}]}, {"vendor": "Cisco", "product": "UCS 6200 and 6300 Fabric Interconnect", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "3.2(2b)", "versionType": "custom"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "datePublic": "2019-03-06T00:00:00", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap", "name": "20190306 Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"]}, {"url": "http://www.securityfocus.com/bid/107394", "name": "107394", "tags": ["vdb-entry", "x_refsource_BID"]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2019-03-14T09:57:01"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}}, "source": {"defect": [["CSCvd40241", "CSCvd57308", "CSCve02855", "CSCve02858", "CSCve02865", "CSCve02867", "CSCve02871", "CSCve57816", "CSCve57820", "CSCve58224"]], "advisory": "cisco-sa-20190306-nxosldap", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"affected": "<", "version_value": "2.0.1.201", "version_affected": "<"}, {"affected": "<", "version_value": "2.2.2.54", "version_affected": "<"}, {"affected": "<", "version_value": "2.3.1.75", "version_affected": "<"}]}, "product_name": "Firepower 4100 Series Next-Generation Firewalls"}, {"version": {"version_data": [{"affected": "<", "version_value": "2.0.1.201", "version_affected": "<"}, {"affected": "<", "version_value": "2.2.2.54", "version_affected": "<"}, {"affected": "<", "version_value": "2.3.1.75", "version_affected": "<"}]}, "product_name": "Firepower 9300 Security Appliance"}, {"version": {"version_data": [{"affected": "<", "version_value": "8.2(1)", "version_affected": "<"}]}, "product_name": "MDS 9000 Series Multilayer Switches"}, {"version": {"version_data": [{"affected": "<", "version_value": "7.0(3)I7(1)", "version_affected": "<"}]}, "product_name": "Nexus 3000 Series Switches"}, {"version": {"version_data": [{"affected": "<", "version_value": "7.0(3)I7(2)", "version_affected": "<"}]}, "product_name": "Nexus 3500 Platform Switches"}, {"version": {"version_data": [{"affected": "<", "version_value": "6.2(20)", "version_affected": "<"}, {"affected": "<", "version_value": "7.3(2)D1(1)", "version_affected": "<"}, {"affected": "<", "version_value": "8.2(1)", "version_affected": "<"}]}, "product_name": "Nexus 7000 and 7700 Series Switches"}, {"version": {"version_data": [{"affected": "<", "version_value": "7.0(3)I7(1)", "version_affected": "<"}]}, "product_name": "Nexus 9000 Series Switches in Standalone NX-OS Mode"}, {"version": {"version_data": [{"affected": "<", "version_value": "3.2(2b)", "version_affected": "<"}]}, "product_name": "UCS 6200 and 6300 Fabric Interconnect"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap", "name": "20190306 Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "refsource": "CISCO"}, {"url": "http://www.securityfocus.com/bid/107394", "name": "107394", "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-1598", "STATE": "PUBLIC", "TITLE": "Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-03-06T16:00:00-0800"}}}}, "cveMetadata": {"cveId": "CVE-2019-1598", "state": "PUBLISHED", "dateUpdated": "2024-11-19T19:15:50.651Z", "dateReserved": "2018-12-06T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2019-03-07T20:00:00Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "932EC2D8-BB21-49EB-B61D-BA03F5F3DFB9", "versionEndExcluding": "2.3.1.75", "versionStartIncluding": "2.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "5AC81469-F459-4CF6-B83E-AD49EA99F288", "versionEndExcluding": "8.2\\(1\\)", "versionStartIncluding": "7.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAEED288-9710-4758-8F6A-50BB6CF8338F", "versionEndExcluding": "7.0\\(3\\)i7\\(1\\)", "versionStartIncluding": "7.0\\(3\\)i5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CDB62C9-2EA8-47F1-8D69-1DA9465E2FF4", "versionEndExcluding": "7.0\\(3\\)i7\\(2\\)", "versionStartIncluding": "7.0\\(3\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABFF3A8F-C0BC-4C70-837D-A8DAE3A9AD64", "versionEndExcluding": "8.2\\(1\\)", "versionStartIncluding": "8.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAEED288-9710-4758-8F6A-50BB6CF8338F", "versionEndExcluding": "7.0\\(3\\)i7\\(1\\)", "versionStartIncluding": "7.0\\(3\\)i5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C3732BD-8732-4EE4-B915-92A040A6795B", "versionEndExcluding": "2.2.2.54", "versionStartIncluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA88A05D-8084-42F8-B41F-CBFBEE26DD31", "versionEndExcluding": "7.3\\(2\\)d1\\(1\\)", "versionStartIncluding": "7.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD409C9E-043F-4CAD-8D85-6227DC7753FF", "versionEndExcluding": "6.2\\(20\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "4356AAFD-C447-485B-8F9C-281A076C4BE4", "versionEndExcluding": "2.0.1.201", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "47E73745-F292-4B4F-96F7-275166B460B1", "versionEndExcluding": "3.2\\(2b\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "7449565B-66C5-4F31-9437-746827E9BD82", "versionEndExcluding": "6.2\\(21\\)", "versionStartIncluding": "5.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72E985E-53AB-4964-9EDB-0D056ABAA9DD", "versionEndExcluding": "7.0\\(3\\)i4\\(7\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", "versionEndExcluding": "6.0\\(2\\)a8\\(11\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72E985E-53AB-4964-9EDB-0D056ABAA9DD", "versionEndExcluding": "7.0\\(3\\)i4\\(7\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b)."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en la implementaci\u00f3n de una funcionalidad de Lightweight Directory Access Protocol (LDAP) en los software FXOS y NX-OS de Cisco podr\u00edan permitir a un atacante remoto no autenticado provocar que un dispositivo afectado se actualice nuevamente, conduciendo a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Estas vulnerabilidades se deben a un an\u00e1lisis sint\u00e1ctico incorrecto de los paquetes LDAP de un dispositivo afectado. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un paquete LDAP manipulado mediante el uso de reglas denominadas \"Basic Encoding Rules\" (BER) a un dispositivo afectado. El paquete LDAP deber\u00e1 tener una direcci\u00f3n IP de origen de un servidor LDAP que est\u00e9 configurado en el dispositivo objetivo. Si se tiene \u00e9xito, el dispositivo afectado podr\u00eda recargarse, provocando una denegaci\u00f3n de servicio. Los firewalls de Firepower 4100 Series Next-Generation se ven afectados en versiones anteriores a las 2.0.1.201, 2.2.2.52 y 2.3.1.75. Firepower 9300 Security Appliances se ven afectados en versiones anteriores a las 2.0.1.201, 2.2.2.54 y 2.3.1.75. Los switches de MDS 9000 Series Multilayer se ven afectados en versiones anteriores a la 8.2(1). Los switches de Nexus 3000 Series se ven afectados en versiones anteriores a la 7.0(3)I7(1). Los switches de Nexus 3500 Platform se ven afectados en versiones anteriores a la 7.0(3)I7(2). Los switches de Nexus, en sus series 7000 y 7700, se ven afectados en versiones anteriores a las 6.2(20), 7.3(2)D1(1) y 8.2(1). Las versiones anteriores a la 70(3)I7(1) de Nexus 9000 Series Switches, en modo NX-OS Standalone, se ven afectadas. UCS 6200 y 6300 Fabric Interconnect, se ven afectados en versiones anteriores a la 3.2(2b)."}], "id": "CVE-2019-1598", "lastModified": "2024-11-21T04:36:53.470", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-07T19:29:00.303", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/107394"}, {"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/107394"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}