CVE-2019-1806

15.05.2019, 22:29

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a malicious SNMP packet to an affected device. A successful exploit could allow the attacker to cause the device to cease forwarding traffic, which could result in a denial of service (DoS) condition. Cisco has released firmware updates that address this vulnerability.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.7 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
cisco	CNA	7.7 HIGH	NETWORK	LOW	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 74%

Vendor	Product	Version
cisco	sf200-24_firmware	𝑥 < 1.4.10.6
cisco	sf200-24p_firmware	𝑥 < 1.4.10.6
cisco	sf200-48_firmware	𝑥 < 1.4.10.6
cisco	sf200-48p_firmware	𝑥 < 1.4.10.6
cisco	sg200-18_firmware	𝑥 < 1.4.10.6
cisco	sg200-26_firmware	𝑥 < 1.4.10.6
cisco	sg200-26p_firmware	𝑥 < 1.4.10.6
cisco	sg200-50_firmware	𝑥 < 1.4.10.6
cisco	sg200-50p_firmware	𝑥 < 1.4.10.6
cisco	sg300-10_firmware	𝑥 < 1.4.10.6
cisco	sg300-10mp_firmware	𝑥 < 1.4.10.6
cisco	sg300-10mpp_firmware	𝑥 < 1.4.10.6
cisco	sg300-10sfp_firmware	𝑥 < 1.4.10.6
cisco	sg300-10p_firmware	𝑥 < 1.4.10.6
cisco	sg300-10pp_firmware	𝑥 < 1.4.10.6
cisco	sg300-20_firmware	𝑥 < 1.4.10.6
cisco	sg300-28_firmware	𝑥 < 1.4.10.6
cisco	sg300-28p_firmware	𝑥 < 1.4.10.6
cisco	sg300-28pp_firmware	𝑥 < 1.4.10.6
cisco	sg300-28mp_firmware	𝑥 < 1.4.10.6
cisco	sg300-28sfp_firmware	𝑥 < 1.4.10.6
cisco	sg300-52_firmware	𝑥 < 1.4.10.6
cisco	sg300-52p_firmware	𝑥 < 1.4.10.6
cisco	sg300-52mp_firmware	𝑥 < 1.4.10.6
cisco	sf300-08_firmware	𝑥 < 1.4.10.6
cisco	sf302-08_firmware	𝑥 < 1.4.10.6
cisco	sf302-08mp_firmware	𝑥 < 1.4.10.6
cisco	sf302-08p_firmware	𝑥 < 1.4.10.6
cisco	sf302-08pp_firmware	𝑥 < 1.4.10.6
cisco	sf302-08mpp_firmware	𝑥 < 1.4.10.6
cisco	sf300-24_firmware	𝑥 < 1.4.10.6
cisco	sf300-24p_firmware	𝑥 < 1.4.10.6
cisco	sf300-24mp_firmware	𝑥 < 1.4.10.6
cisco	sf300-24pp_firmware	𝑥 < 1.4.10.6
cisco	sf300-48_firmware	𝑥 < 1.4.10.6
cisco	sf300-48p_firmware	𝑥 < 1.4.10.6
cisco	sf300-48pp_firmware	𝑥 < 1.4.10.6
cisco	sf500-24_firmware	𝑥 < 1.4.10.6
cisco	sf500-24p_firmware	𝑥 < 1.4.10.6
cisco	sf500-24mp_firmware	𝑥 < 1.4.10.6
cisco	sf500-48_firmware	𝑥 < 1.4.10.6
cisco	sf500-48p_firmware	𝑥 < 1.4.10.6
cisco	sf500-48mp_firmware	𝑥 < 1.4.10.6
cisco	sg500-28_firmware	𝑥 < 1.4.10.6
cisco	sg500-28p_firmware	𝑥 < 1.4.10.6
cisco	sg500-28mpp_firmware	𝑥 < 1.4.10.6
cisco	sg500-52_firmware	𝑥 < 1.4.10.6
cisco	sg500-52p_firmware	𝑥 < 1.4.10.6
cisco	sg500-52mp_firmware	𝑥 < 1.4.10.6
cisco	sg500x-24_firmware	𝑥 < 1.4.10.6
cisco	sg500x-24p_firmware	𝑥 < 1.4.10.6
cisco	sg500x24mpp_firmware	𝑥 < 1.4.10.6
cisco	sg500x-48_firmware	𝑥 < 1.4.10.6
cisco	sg500x-48p_firmware	𝑥 < 1.4.10.6
cisco	sg500x-48mp_firmware	𝑥 < 1.4.10.6
cisco	sg500xg8f8t_firmware	𝑥 < 1.4.10.6
cisco	esw2-350g52dc_firmware	𝑥 < 1.4.10.6
cisco	esw2-550x48dc_firmware	𝑥 < 1.4.10.6
cisco	sg250x-24_firmware	𝑥 < 2.5.0.78
cisco	sg250x-24p_firmware	𝑥 < 2.5.0.78
cisco	sg250x-48_firmware	𝑥 < 2.5.0.78
cisco	sg250x-48p_firmware	𝑥 < 2.5.0.78
cisco	sg250-08_firmware	𝑥 < 2.5.0.78
cisco	sg250-08hp_firmware	𝑥 < 2.5.0.78
cisco	sg250-10p_firmware	𝑥 < 2.5.0.78
cisco	sg250-18_firmware	𝑥 < 2.5.0.78
cisco	sg250-26_firmware	𝑥 < 2.5.0.78
cisco	sg250-26hp_firmware	𝑥 < 2.5.0.78
cisco	sg250-26p_firmware	𝑥 < 2.5.0.78
cisco	sg250-50_firmware	𝑥 < 2.5.0.78
cisco	sg250-50hp_firmware	𝑥 < 2.5.0.78
cisco	sg250-50p_firmware	𝑥 < 2.5.0.78
cisco	sf250-24_firmware	𝑥 < 2.5.0.78
cisco	sf250-24p_firmware	𝑥 < 2.5.0.78
cisco	sf250-48_firmware	𝑥 < 2.5.0.78
cisco	sf250-48hp_firmware	𝑥 < 2.5.0.78
cisco	sg350-10_firmware	𝑥 < 2.5.0.78
cisco	sg350-10p_firmware	𝑥 < 2.5.0.78
cisco	sg350-10mp_firmware	𝑥 < 2.5.0.78
cisco	sg355-10p_firmware	𝑥 < 2.5.0.78
cisco	sg350-28_firmware	𝑥 < 2.5.0.78
cisco	sg350-28p_firmware	𝑥 < 2.5.0.78
cisco	sg350-28mp_firmware	𝑥 < 2.5.0.78
cisco	sf350-48_firmware	𝑥 < 2.5.0.78
cisco	sf350-48p_firmware	𝑥 < 2.5.0.78
cisco	sf350-48mp_firmware	𝑥 < 2.5.0.78
cisco	sx550x-16ft_firmware	𝑥 < 2.5.0.78
cisco	sx550x-24ft_firmware	𝑥 < 2.5.0.78
cisco	sx550x-12f_firmware	𝑥 < 2.5.0.78
cisco	sx550x-24f_firmware	𝑥 < 2.5.0.78
cisco	sx550x-24_firmware	𝑥 < 2.5.0.78
cisco	sx550x-52_firmware	𝑥 < 2.5.0.78
cisco	sg550x-24_firmware	𝑥 < 2.5.0.78
cisco	sg550x-24p_firmware	𝑥 < 2.5.0.78
cisco	sg550x-24mp_firmware	𝑥 < 2.5.0.78
cisco	sg550x-24mpp_firmware	𝑥 < 2.5.0.78
cisco	sg550x-48_firmware	𝑥 < 2.5.0.78
cisco	sg550x-48p_firmware	𝑥 < 2.5.0.78
cisco	sg550x-48mp_firmware	𝑥 < 2.5.0.78
cisco	sf550x-24_firmware	𝑥 < 2.5.0.78
cisco	sf550x-24p_firmware	𝑥 < 2.5.0.78
cisco	sf550x-24mp_firmware	𝑥 < 2.5.0.78
cisco	sf550x-48_firmware	𝑥 < 2.5.0.78
cisco	sf550x-48p_firmware	𝑥 < 2.5.0.78
cisco	sf550x-48mp_firmware	𝑥 < 2.5.0.78

𝑥

= Vulnerable software versions

Common Weakness Enumeration

References

http://www.securityfocus.com/bid/108335

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb-snmpdos

http://www.securityfocus.com/bid/108335

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb-snmpdos