CVE-2019-1697

A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

CVSS v3 6.8 MEDIUM
CVSS v2.0 7.8 HIGH

6.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploitability : 2.2 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/108182
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos	Vendor Advisory
http://www.securityfocus.com/bid/108182
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::

OR	cpe:2.3:h:cisco:asa_5505:-:::::::*
	cpe:2.3:h:cisco:asa_5510:-:::::::*
	cpe:2.3:h:cisco:asa_5512-x:-:::::::*
	cpe:2.3:h:cisco:asa_5515-x:-:::::::*
	cpe:2.3:h:cisco:asa_5520:-:::::::*
	cpe:2.3:h:cisco:asa_5525-x:-:::::::*
	cpe:2.3:h:cisco:asa_5540:-:::::::*
	cpe:2.3:h:cisco:asa_5545-x:-:::::::*
	cpe:2.3:h:cisco:asa_5550:-:::::::*
	cpe:2.3:h:cisco:asa_5555-x:-:::::::*
	cpe:2.3:h:cisco:asa_5580:-:::::::*
	cpe:2.3:h:cisco:asa_5585-x:-:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:a:cisco:firepower_threat_defense::::::::

History

21 Nov 2024, 04:37

Type	Values Removed	Values Added
CVSS	v2 : ~~7.8~~ v3 : ~~7.5~~	v2 : 7.8 v3 : 6.8
References	~~() http://www.securityfocus.com/bid/108182 -~~	() http://www.securityfocus.com/bid/108182 -
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos - Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos - Vendor Advisory

15 Aug 2023, 15:24

Type	Values Removed	Values Added
CPE		cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::

Information

Published : 2019-05-03 16:29

Updated : 2024-11-21 04:37

NVD link : CVE-2019-1697

Mitre link : CVE-2019-1697

CVE.ORG link : CVE-2019-1697

JSON object : View

Products Affected

cisco

asa_5550
asa_5515-x
asa_5540
asa_5555-x
firepower_threat_defense
asa_5580
asa_5520
asa_5545-x
asa_5505
asa_5585-x
asa_5525-x
adaptive_security_appliance_software
asa_5510
asa_5512-x

CWE

CWE-20

Improper Input Validation

6.8 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2019-1697

6.8^/10

7.8^/10

Attach tags to `CVE-2019-1697`