CVE-2019-1858

Current Description

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Basic Data

Published: May 16, 2019
Last Modified: October 09, 2019
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-20
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: NONE
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 5.0
Severity: MEDIUM
Exploitability Score: 10.0
Impact Score: 2.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

CVSS 3 - Version: 3.0
CVSS 3 - Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 3 - Attack Vector: NETWORK
CVSS 3 - Attack Complexity: LOW
CVSS 3 - Privileges Required: NONE
CVSS 3 - User Interaction: NONE
CVSS 3 - Scope: UNCHANGED
CVSS 3 - Confidentiality Impact: NONE
CVSS 3 - Integrity Impact: NONE
CVSS 3 - Availability Impact: HIGH
CVSS 3 - Base Score: 7.5
CVSS 3 - Base Severity: HIGH
Exploitability Score: 3.9
Base Severity: HIGH

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoNx-os********8.1(1)
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoMds 9132t-*******
      2.3HardwareCiscoMds 9148s-*******
      2.3HardwareCiscoMds 9148t-*******
      2.3HardwareCiscoMds 9216-*******
      2.3HardwareCiscoMds 9216a-*******
      2.3HardwareCiscoMds 9216i-*******
      2.3HardwareCiscoMds 9222i-*******
      2.3HardwareCiscoMds 9250i-*******
      2.3HardwareCiscoMds 9396s-*******
      2.3HardwareCiscoMds 9396t-*******
      2.3HardwareCiscoMds 9506-*******
      2.3HardwareCiscoMds 9509-*******
      2.3HardwareCiscoMds 9513-*******
      2.3HardwareCiscoMds 9706-*******
      2.3HardwareCiscoMds 9710-*******
      2.3HardwareCiscoMds 9718-*******
  • AND
    • OR - Configuration 2
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoNx-os********7.0(3)i4(8)
      2.3OSCiscoNx-os********7.0(3)i77.0(3)i7(2)
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCisco9432pq-*******
      2.3HardwareCisco9536pq-*******
      2.3HardwareCisco9636pq-*******
      2.3HardwareCisco9736pq-*******
      2.3HardwareCiscoN9k-x9432c-s-*******
      2.3HardwareCiscoN9k-x9464px-*******
      2.3HardwareCiscoN9k-x9464tx2-*******
      2.3HardwareCiscoN9k-x9564px-*******
      2.3HardwareCiscoN9k-x9564tx-*******
      2.3HardwareCiscoN9k-x9636c-r-*******
      2.3HardwareCiscoN9k-x9636c-rx-*******
      2.3HardwareCiscoN9k-x97160yc-ex-*******
      2.3HardwareCiscoN9k-x9732c-ex-*******
      2.3HardwareCiscoN9k-x9732c-fx-*******
      2.3HardwareCiscoN9k-x9736c-ex-*******
      2.3HardwareCiscoN9k-x9736c-fx-*******
      2.3HardwareCiscoN9k-x9788tc-fx-*******
      2.3HardwareCiscoNexus 3048-*******
      2.3HardwareCiscoNexus 31108pc-v-*******
      2.3HardwareCiscoNexus 31108tc-v-*******
      2.3HardwareCiscoNexus 31128pq-*******
      2.3HardwareCiscoNexus 3132c-z-*******
      2.3HardwareCiscoNexus 3132q-v-*******
      2.3HardwareCiscoNexus 3132q-x/3132q-xl-*******
      2.3HardwareCiscoNexus 3164q-*******
      2.3HardwareCiscoNexus 3172pq/pq-xl-*******
      2.3HardwareCiscoNexus 3172tq-xl-*******
      2.3HardwareCiscoNexus 3232c-*******
      2.3HardwareCiscoNexus 3264c-e-*******
      2.3HardwareCiscoNexus 3264q-*******
      2.3HardwareCiscoNexus 3408-s-*******
      2.3HardwareCiscoNexus 34180yc-*******
      2.3HardwareCiscoNexus 3432d-s-*******
      2.3HardwareCiscoNexus 3464c-*******
      2.3HardwareCiscoNexus 3524-x/xl-*******
      2.3HardwareCiscoNexus 3548-x/xl-*******
      2.3HardwareCiscoNexus 36180yc-r-*******
      2.3HardwareCiscoNexus 3636c-r-*******
      2.3HardwareCiscoNexus 92160yc-x-*******
      2.3HardwareCiscoNexus 92300yc-*******
      2.3HardwareCiscoNexus 93108tc-ex-*******
      2.3HardwareCiscoNexus 93108tc-fx-*******
      2.3HardwareCiscoNexus 93120tx-*******
      2.3HardwareCiscoNexus 9316d-gx-*******
      2.3HardwareCiscoNexus 93180lc-ex-*******
      2.3HardwareCiscoNexus 93180yc-ex-*******
      2.3HardwareCiscoNexus 93180yc-fx-*******
      2.3HardwareCiscoNexus 93216tc-fx2-*******
      2.3HardwareCiscoNexus 93240yc-fx2-*******
      2.3HardwareCiscoNexus 9332c-*******
      2.3HardwareCiscoNexus 93360yc-fx2-*******
      2.3HardwareCiscoNexus 9336c-fx2-*******
      2.3HardwareCiscoNexus 9348gc-fxp-*******
      2.3HardwareCiscoNexus 93600cd-gx-*******
      2.3HardwareCiscoNexus 9364c-*******
      2.3HardwareCiscoNexus 9500 Supervisor A-*******
      2.3HardwareCiscoNexus 9500 Supervisor A-*******
      2.3HardwareCiscoNexus 9500 Supervisor B-*******
      2.3HardwareCiscoNexus 9500 Supervisor B-*******
      2.3HardwareCiscoNexus 9504-*******
      2.3HardwareCiscoNexus 9508-*******
      2.3HardwareCiscoNexus 9516-*******
      2.3HardwareCiscoX9636q-r-*******
  • AND
    • OR - Configuration 3
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoNx-os********7.0(3)7.0(3)f3(1)
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoN9k-c9504-fm-r-*******
      2.3HardwareCiscoN9k-c9508-fm-r-*******
      2.3HardwareCiscoN9k-x96136yc-r-*******
      2.3HardwareCiscoN9k-x9636c-r-*******
      2.3HardwareCiscoN9k-x9636c-rx-*******
      2.3HardwareCiscoN9k-x9636q-r-*******
      2.3HardwareCiscoNexus 36180yc-r-*******
      2.3HardwareCiscoNexus 3636c-r-*******
      2.3HardwareCiscoX96136yc-r-*******
      2.3HardwareCiscoX9636c-r-*******
      2.3HardwareCiscoX9636c-rx-*******
      2.3HardwareCiscoX9636q-r-*******
  • AND
    • OR - Configuration 4
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoNx-os********7.1(5)n1(1b)
      2.3OSCiscoNx-os********7.37.3(4)n1(1a)
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoNexus 5010-*******
      2.3HardwareCiscoNexus 5020-*******
      2.3HardwareCiscoNexus 5548p-*******
      2.3HardwareCiscoNexus 5548up-*******
      2.3HardwareCiscoNexus 5596t-*******
      2.3HardwareCiscoNexus 5596up-*******
      2.3HardwareCiscoNexus 56128p-*******
      2.3HardwareCiscoNexus 5624q-*******
      2.3HardwareCiscoNexus 5648q-*******
      2.3HardwareCiscoNexus 5672up-*******
      2.3HardwareCiscoNexus 5672up-16g-*******
      2.3HardwareCiscoNexus 5696q-*******
      2.3HardwareCiscoNexus 6001-*******
      2.3HardwareCiscoNexus 6004-*******
  • AND
    • OR - Configuration 5
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoNx-os********6.2(22)
      2.3OSCiscoNx-os********7.27.2(0)d1(1)
      2.3OSCiscoNx-os********8.08.1(1)
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCisco7000 10-slot-*******
      2.3HardwareCisco7000 18-slot-*******
      2.3HardwareCisco7000 4-slot-*******
      2.3HardwareCisco7000 9-slot-*******
      2.3HardwareCisco7700 10-slot-*******
      2.3HardwareCisco7700 18-slot-*******
      2.3HardwareCisco7700 2-slot-*******
      2.3HardwareCisco7700 6-slot-*******
      2.3HardwareCiscoN77-f312ck-26-*******
      2.3HardwareCiscoN77-f324fq-25-*******
      2.3HardwareCiscoN77-f348xp-23-*******
      2.3HardwareCiscoN77-f430cq-36-*******
      2.3HardwareCiscoN77-m312cq-26l-*******
      2.3HardwareCiscoN77-m324fq-25l-*******
      2.3HardwareCiscoN77-m348xp-23l-*******
      2.3HardwareCiscoN7k-f248xp-25e-*******
      2.3HardwareCiscoN7k-f306ck-25-*******
      2.3HardwareCiscoN7k-f312fq-25-*******
      2.3HardwareCiscoN7k-m202cf-22l-*******
      2.3HardwareCiscoN7k-m206fq-23l-*******
      2.3HardwareCiscoN7k-m224xp-23l-*******
      2.3HardwareCiscoN7k-m324fq-25l-*******
      2.3HardwareCiscoN7k-m348xp-25l-*******
      2.3HardwareCiscoNexus 7000 Supervisor 1-*******
      2.3HardwareCiscoNexus 7000 Supervisor 2-*******
      2.3HardwareCiscoNexus 7000 Supervisor 2e-*******
      2.3HardwareCiscoNexus 7700 Supervisor 2e-*******
      2.3HardwareCiscoNexus 7700 Supervisor 3e-*******
  • AND
    • OR - Configuration 6
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoFx-os********2.2.2.91
      2.3OSCiscoFx-os********2.32.3.1.130
      2.3OSCiscoFx-os********2.42.4.1.222
      2.3OSCiscoFx-os********2.62.6.1.131
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoFirepower 4110-*******
      2.3HardwareCiscoFirepower 4120-*******
      2.3HardwareCiscoFirepower 4140-*******
      2.3HardwareCiscoFirepower 4150-*******
      2.3HardwareCiscoFirepower 9300 With 1 Sm-24 Module-*******
      2.3HardwareCiscoFirepower 9300 With 1 Sm-36 Module-*******
      2.3HardwareCiscoFirepower 9300 With 1 Sm-44 Module-*******
      2.3HardwareCiscoFirepower 9300 With 3 Sm-44 Module-*******
  • AND
    • OR - Configuration 7
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoNx-os********14.0(2c)
      2.3OSCiscoNx-os********14.114.1(1i)
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCisco9432pq-*******
      2.3HardwareCisco9536pq-*******
      2.3HardwareCisco9636pq-*******
      2.3HardwareCisco9736pq-*******
      2.3HardwareCiscoN9k-x9432c-s-*******
      2.3HardwareCiscoN9k-x9464px-*******
      2.3HardwareCiscoN9k-x9464tx2-*******
      2.3HardwareCiscoN9k-x9564px-*******
      2.3HardwareCiscoN9k-x9564tx-*******
      2.3HardwareCiscoN9k-x9636c-r-*******
      2.3HardwareCiscoN9k-x9636c-rx-*******
      2.3HardwareCiscoN9k-x97160yc-ex-*******
      2.3HardwareCiscoN9k-x9732c-ex-*******
      2.3HardwareCiscoN9k-x9732c-fx-*******
      2.3HardwareCiscoN9k-x9736c-ex-*******
      2.3HardwareCiscoN9k-x9736c-fx-*******
      2.3HardwareCiscoN9k-x9788tc-fx-*******
      2.3HardwareCiscoNexus 92160yc-x-*******
      2.3HardwareCiscoNexus 92300yc-*******
      2.3HardwareCiscoNexus 93108tc-ex-*******
      2.3HardwareCiscoNexus 93108tc-fx-*******
      2.3HardwareCiscoNexus 93120tx-*******
      2.3HardwareCiscoNexus 9316d-gx-*******
      2.3HardwareCiscoNexus 93180lc-ex-*******
      2.3HardwareCiscoNexus 93180yc-ex-*******
      2.3HardwareCiscoNexus 93180yc-fx-*******
      2.3HardwareCiscoNexus 93216tc-fx2-*******
      2.3HardwareCiscoNexus 93240yc-fx2-*******
      2.3HardwareCiscoNexus 9332c-*******
      2.3HardwareCiscoNexus 93360yc-fx2-*******
      2.3HardwareCiscoNexus 9336c-fx2-*******
      2.3HardwareCiscoNexus 9348gc-fxp-*******
      2.3HardwareCiscoNexus 93600cd-gx-*******
      2.3HardwareCiscoNexus 9364c-*******
      2.3HardwareCiscoNexus 9500 Supervisor A-*******
      2.3HardwareCiscoNexus 9500 Supervisor A-*******
      2.3HardwareCiscoNexus 9500 Supervisor B-*******
      2.3HardwareCiscoNexus 9500 Supervisor B-*******
      2.3HardwareCiscoNexus 9504-*******
      2.3HardwareCiscoNexus 9508-*******
      2.3HardwareCiscoNexus 9516-*******
      2.3HardwareCiscoX9636q-r-*******
  • AND
    • OR - Configuration 8
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoNx-os********6.0(2)a8(4)
      2.3OSCiscoNx-os********7.0(3)i77.0(3)i7(2)
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoNexus 3524-x/xl-*******
      2.3HardwareCiscoNexus 3548-x/xl-*******
  • AND
    • OR - Configuration 9
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoNx-os********5.2(1)sv3(4.1a)
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoNexus 1000v-****hyper-v**
      2.3HardwareCiscoNexus 1000v-****vmware_vsphere**

Vulnerable Software List

Vendor Product Versions
Cisco Fx-os *
Cisco Nx-os *

References

  • Name: 108358
    Source: BID
    URL: http://www.securityfocus.com/bid/108358
    Tags: Third Party Advisory, VDB Entry
  • Name: 20190515 Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability
    Source: CISCO
    URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-do
    Tags: Vendor Advisory