CVE-2019-1858
8.6
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 4.0
Source: NVD
Description
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
Affected (17)
Products: Cisco: Nx Os, Firepower Extensible Operating System, Fx Os
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 8.1\(1\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Mds 9132t | All versions |
Cisco Mds 9148s | All versions |
Cisco Mds 9148t | All versions |
Cisco Mds 9216 | All versions |
Cisco Mds 9216a | All versions |
Cisco Mds 9216i | All versions |
Cisco Mds 9222i | All versions |
Cisco Mds 9250i | All versions |
Cisco Mds 9396s | All versions |
Cisco Mds 9396t | All versions |
Cisco Mds 9506 | All versions |
Cisco Mds 9509 | All versions |
Cisco Mds 9513 | All versions |
Cisco Mds 9706 | All versions |
Cisco Mds 9710 | All versions |
Cisco Mds 9718 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 7.0\(3\)i4\(8\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 3048 | All versions |
Cisco Nexus 31108pc V | All versions |
Cisco Nexus 31108tc V | All versions |
Cisco Nexus 31128pq | All versions |
Cisco Nexus 3132c Z | All versions |
Cisco Nexus 3132q V | All versions |
Cisco Nexus 3132q X/3132q Xl | All versions |
Cisco Nexus 3164q | All versions |
Cisco Nexus 3172pq/pq Xl | All versions |
Cisco Nexus 3172tq Xl | All versions |
Cisco Nexus 3232c | All versions |
Cisco Nexus 3264c E | All versions |
Cisco Nexus 3264q | All versions |
Cisco Nexus 3408 S | All versions |
Cisco Nexus 34180yc | All versions |
Cisco Nexus 3432d S | All versions |
Cisco Nexus 3464c | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| From 7.0\(3\) to 7.0\(3\)f3\(1\) |
| Running on/with | Platform Versions |
|---|---|
Cisco N9k C9504 Fm R | All versions |
Cisco N9k C9508 Fm R | All versions |
Cisco N9k X96136yc R | All versions |
Cisco N9k X9636q R | All versions |
Cisco Nexus 36180yc R | All versions |
Cisco Nexus 3636c R | All versions |
Cisco X96136yc R | All versions |
Cisco X9636c R | All versions |
Cisco X9636c Rx | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 7.1\(5\)n1\(1b\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 5010 | All versions |
Cisco Nexus 5020 | All versions |
Cisco Nexus 5548p | All versions |
Cisco Nexus 5548up | All versions |
Cisco Nexus 5596t | All versions |
Cisco Nexus 5596up | All versions |
Cisco Nexus 56128p | All versions |
Cisco Nexus 5624q | All versions |
Cisco Nexus 5648q | All versions |
Cisco Nexus 5672up | All versions |
Cisco Nexus 5672up 16g | All versions |
Cisco Nexus 5696q | All versions |
Cisco Nexus 6001 | All versions |
Cisco Nexus 6004 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 6.2\(22\) |
| Running on/with | Platform Versions |
|---|---|
Cisco 7000 10 Slot | All versions |
Cisco 7000 18 Slot | All versions |
Cisco 7000 4 Slot | All versions |
Cisco 7000 9 Slot | All versions |
Cisco 7700 10 Slot | All versions |
Cisco 7700 18 Slot | All versions |
Cisco 7700 2 Slot | All versions |
Cisco 7700 6 Slot | All versions |
Cisco N77 F312ck 26 | All versions |
Cisco N77 F324fq 25 | All versions |
Cisco N77 F348xp 23 | All versions |
Cisco N77 F430cq 36 | All versions |
Cisco N77 M312cq 26l | All versions |
Cisco N77 M324fq 25l | All versions |
Cisco N77 M348xp 23l | All versions |
Cisco N7k F248xp 25e | All versions |
Cisco N7k F306ck 25 | All versions |
Cisco N7k F312fq 25 | All versions |
Cisco N7k M202cf 22l | All versions |
Cisco N7k M206fq 23l | All versions |
Cisco N7k M224xp 23l | All versions |
Cisco N7k M324fq 25l | All versions |
Cisco N7k M348xp 25l | All versions |
Cisco Nexus 7000 Supervisor 1 | All versions |
Cisco Nexus 7000 Supervisor 2 | All versions |
Cisco Nexus 7000 Supervisor 2e | All versions |
Cisco Nexus 7700 Supervisor 2e | All versions |
Cisco Nexus 7700 Supervisor 3e | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| From 2.6 to 2.6.1.131 | |
| Before 2.2.2.91 |
| Running on/with | Platform Versions |
|---|---|
Cisco Firepower 4110 | All versions |
Cisco Firepower 4120 | All versions |
Cisco Firepower 4140 | All versions |
Cisco Firepower 4150 | All versions |
Cisco Firepower 9300 With 1 Sm 24 Module | All versions |
Cisco Firepower 9300 With 1 Sm 36 Module | All versions |
Cisco Firepower 9300 With 1 Sm 44 Module | All versions |
Cisco Firepower 9300 With 3 Sm 44 Module | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 14.0\(2c\) |
| Running on/with | Platform Versions |
|---|---|
Cisco 9432pq | All versions |
Cisco 9536pq | All versions |
Cisco 9636pq | All versions |
Cisco 9736pq | All versions |
Cisco N9k X9432c S | All versions |
Cisco N9k X9464px | All versions |
Cisco N9k X9464tx2 | All versions |
Cisco N9k X9564px | All versions |
Cisco N9k X9564tx | All versions |
Cisco N9k X9636c R | All versions |
Cisco N9k X9636c Rx | All versions |
Cisco N9k X97160yc Ex | All versions |
Cisco N9k X9732c Ex | All versions |
Cisco N9k X9732c Fx | All versions |
Cisco N9k X9736c Ex | All versions |
Cisco N9k X9736c Fx | All versions |
Cisco N9k X9788tc Fx | All versions |
Cisco Nexus 92160yc X | All versions |
Cisco Nexus 92300yc | All versions |
Cisco Nexus 93108tc Ex | All versions |
Cisco Nexus 93108tc Fx | All versions |
Cisco Nexus 93120tx | All versions |
Cisco Nexus 9316d Gx | All versions |
Cisco Nexus 93180lc Ex | All versions |
Cisco Nexus 93180yc Ex | All versions |
Cisco Nexus 93180yc Fx | All versions |
Cisco Nexus 93216tc Fx2 | All versions |
Cisco Nexus 93240yc Fx2 | All versions |
Cisco Nexus 9332c | All versions |
Cisco Nexus 93360yc Fx2 | All versions |
Cisco Nexus 9336c Fx2 | All versions |
Cisco Nexus 9348gc Fxp | All versions |
Cisco Nexus 93600cd Gx | All versions |
Cisco Nexus 9364c | All versions |
Cisco Nexus 9500 Supervisor A | All versions |
Cisco Nexus 9500 Supervisor A+ | All versions |
Cisco Nexus 9500 Supervisor B | All versions |
Cisco Nexus 9500 Supervisor B+ | All versions |
Cisco Nexus 9504 | All versions |
Cisco Nexus 9508 | All versions |
Cisco Nexus 9516 | All versions |
Cisco X9636q R | All versions |
Configuration H
Related CWEs
CWE-20
Improper Input Validation
The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly.
CWE-755
Improper Handling of Exceptional Conditions
The product does not handle or incorrectly handles an exceptional condition.
References (4)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.