cisco-sa-20190306-nxosldap

Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities

cisco-sa-20190306-nxosldap · High · Published 7 years ago · Updated 7 years ago

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap This advisory is part of the March 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 26 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

CVEs	CVE-2019-1597, CVE-2019-1598
Cisco Bug IDs	CSCvd40241, CSCvd57308, CSCve02855, CSCve02871, CSCve57820, CSCve02867, CSCve58224, CSCve02858, CSCve02865, CSCve57816
CVSS Score	Base 8.6 Base 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source	Cisco Unified Computing System (Managed), Cisco NX-OS Software 4.1(2), Cisco NX-OS Software 4.1(3), Cisco NX-OS Software 4.1(4), Cisco NX-OS Software 4.1(5), Cisco NX-OS Software 5.0(2a), Cisco NX-OS Software 5.0(3), Cisco NX-OS Software 5.0(5), Cisco NX-OS Software 5.0(2), Cisco NX-OS Software 4.2(2a), Cisco NX-OS Software 4.2(3), Cisco NX-OS Software 4.2(4), Cisco NX-OS Software 4.2(6), Cisco NX-OS Software 4.2(8), Cisco NX-OS Software 5.1(1), Cisco NX-OS Software 5.1(1a), Cisco NX-OS Software 5.1(3), Cisco NX-OS Software 5.1(4), Cisco NX-OS Software 5.1(5), Cisco NX-OS Software 5.1(6), Cisco NX-OS Software 5.1(2), Cisco NX-OS Software 5.2(3a), Cisco NX-OS Software 5.2(4), Cisco NX-OS Software 5.2(5), Cisco NX-OS Software 5.2(7), Cisco NX-OS Software 5.2(9), Cisco NX-OS Software 5.2(3), Cisco NX-OS Software 5.2(9a), Cisco NX-OS Software 6.1(1), Cisco NX-OS Software 6.1(2), Cisco NX-OS Software 6.1(3), Cisco NX-OS Software 6.1(4), Cisco NX-OS Software 6.1(4a), Cisco NX-OS Software 6.1(5), Cisco NX-OS Software 6.1(3)S5, Cisco NX-OS Software 6.1(3)S6, Cisco NX-OS Software 6.1(5a), Cisco NX-OS Software 6.0(1), Cisco NX-OS Software 6.0(2), Cisco NX-OS Software 6.0(3), Cisco NX-OS Software 6.0(4), Cisco NX-OS Software 6.1(2)I1(1), Cisco NX-OS Software 6.1(2)I3(3.78), Cisco NX-OS Software 6.1(2)I3(3b), Cisco NX-OS Software 7.0(3), Cisco NX-OS Software 7.0(2)I2(2c), Cisco NX-OS Software 7.3(1)D1(1B), Cisco NX-OS Software 7.3(1)N1(0.1), Cisco Firepower Extensible Operating System (FXOS) 2.0.1.68, Cisco Firepower Extensible Operating System (FXOS), Cisco NX-OS Software

Related Products

Product	CVE	Evidence
Firepower Extensible Operating System	CVE-2019-1598	Cisco OpenVuln
Firepower Extensible Operating System	CVE-2019-1597	Cisco OpenVuln
Cisco Unified Computing System (Managed)	CVE-2019-1598	Cisco OpenVuln
Cisco Unified Computing System (Managed)	CVE-2019-1597	Cisco OpenVuln
Cisco NX-OS Software	CVE-2019-1598	Cisco OpenVuln
Cisco NX-OS Software	CVE-2019-1597	Cisco OpenVuln
Cisco Firepower Extensible Operating System (FXOS)	CVE-2019-1598	Cisco OpenVuln
Cisco Firepower Extensible Operating System (FXOS)	CVE-2019-1597	Cisco OpenVuln
Cisco Firepower Extensible Operating System	CVE-2019-1598	Cisco OpenVuln
Cisco Firepower Extensible Operating System	CVE-2019-1597	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities

Workarounds

Related Products