CVE-2019-1750

Published Mar 28, 2019

Last updated 5 years ago

Overview

Description: A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco Discovery Protocol (CDP) packets used with the Easy Virtual Switching System. An attacker could exploit this vulnerability by sending a specially crafted CDP packet. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
Source: ykramarz@cisco.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.4
Impact score: 4
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.1
Impact score: 6.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-388
ykramarz@cisco.com: CWE-20

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0ae:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC32DB11-4E23-492E-A00E-E0DBF9131C64"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0be:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA2306E8-ABFD-4C37-A911-7B35A654147C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "455DAAB8-83B4-44B9-B2F7-2DC9EA796898"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F462360-3597-420B-ACB8-44A6F622C8B9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2ae:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39DED4C1-E7AF-48E0-8B1A-839A87E52992"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96CA4E70-28BE-434C-811A-C16474CFD87C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.3e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E77A9A46-517E-467B-A702-E6F6DD9FCD96"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD485792-290B-4553-AAB2-DA7427DE7131"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.5ae:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB7139C7-3C02-46C9-8F89-CB517A706CC9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.5be:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0AD00E6-A155-4CCB-B329-7B536BEBC976"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.5e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D365DFD-C99B-4F33-9A90-1162C7A4D3EB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.6e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "671F6847-6855-41BF-A148-944AEEB32A5D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.7ae:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7207B1F1-AF21-4C02-A163-4289503A026C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.7be:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7CC0497-24F5-42ED-99A6-4C8642F73F08"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.7e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "120DA9BF-1153-41C8-B80D-3F99E0E28A8F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.8e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89812FA8-230C-4F62-8AA8-7F13FA86B805"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.9e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D17DB28-2559-4837-8B4B-7CC722D73324"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.10e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D92991EE-BB4A-499D-8F14-F7D0E32BE31E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A56AE607-0AD0-487A-A266-C15EAF40F2CB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.7.1e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F8B8DBC-F273-4ADE-97F4-584DE23F1CEB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "705971E9-7FB4-43EA-A1AE-C91865EADE16"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.7.3e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F481A851-D607-4CEF-87C5-147FFBC97D3A"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "013DD522-1561-4468-A350-C872B78FC291"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.1e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6907E1FE-760E-4557-A472-1A1F0052B82B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.2e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62291CDD-A775-44B4-85F3-CE1D494F55FE"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.3e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "658EDFE2-6EC8-4DD3-AACA-C168F942712A"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.4e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FCBE369-81ED-4C94-8C44-53C6F4A087CC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.5ae:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90005E78-413A-47D7-82B3-A3011E6B118D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.5e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D764D126-4604-43DD-9A66-BDD32565D893"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.6e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA25E3C0-24C1-479C-8C8F-A6FB9C5002FC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.7e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06067D8B-79BD-4982-909F-7C08BE5660C3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9EC727B-AF92-460D-B61D-F45ECEEE5D56"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5604A84-8240-45B6-9027-B03AA549CD5C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.2be:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "895DAB3D-5C14-4D0B-94FA-EB7C7C7BB0EA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.2e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B9846AE-1344-4EE4-9FDF-6CE17D9461FD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0ce:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3363DF79-8A5A-4BE2-B04C-253A4A3A0ADA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25725655-EBDE-4538-8AE1-CF5C81F09C5E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1ae:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A98F2654-46F3-4C63-A2C2-48B372C655B1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D4E206B-37BF-4D61-BE90-80BB65C0C582"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1se:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17674BAD-F2F1-4E63-AAE0-FEAC14C37CBE"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4117E2EC-F58A-4B22-AB72-FC63A0D96E7E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2h:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E275E7D-C89D-42DE-9301-C19A54FEE964"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Configurations

References