CERTFR-2019-AVI-414
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service, un contournement de la politique de sécurité et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None
Impacted products
Vendor Product Description
Cisco N/A Cisco Integrated Services Virtual Router
Cisco NX-OS Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 9500 R-Series Switches et Nexus 9000 Series Switches en mode Standalone NX-OS versions antérieures à 9.2(3)
Cisco N/A Nexus 7000 et 7700 Series Switches dans les branches 8.0, 8.1 et 8.2 aux versions antérieures à 8.2(3)
Cisco N/A Nexus 9000 Series Fabric Switches en mode ACI Mode dans la branche 14.1 aux versions antérieures à 14.1(1i)
Cisco N/A Firepower 4100 Series et Firepower 9300 Security dans la branche 2.4 aux versions antérieures à 2.4.1.222
Cisco N/A UCS 6200, 6300 et 6400 Series Fabric Interconnects dans toutes les versions
Cisco N/A Nexus 7000 et 7700 Series Switches dans les branches 7.x aux versions antérieures à 7.3(4)D1(1)
Cisco N/A Cisco 4000 Series Integrated Services Routers
Cisco N/A MDS 9000 Series versions antérieures à 6.2(29) (Version prévue pour septembre 2019)
Cisco N/A Nexus 7000 et 7700 Series Switches dans la branche 8.3 aux versions antérieures à 8.4(1)
Cisco N/A Nexus 5500 et 5600 Platform Switches et Nexus 6000 Series Switches, versions antérieures à 7.1(5)N1(1b), ou, pour la branche 7.3, aux versions antérieures à 7.3(5)N1(1)
Cisco N/A Nexus 7000 et 7700 Series Switches versions antérieures à 6.2(22)
Cisco N/A MDS 9000 Series dans les branches 7.3 à 8.4 aux versions antérieures à 8.4(1)
Cisco N/A Firepower 4100 Series et Firepower 9300 Security dans la branche 2.3 aux versions antérieures à 2.3.1.130
Cisco N/A Nexus 1000V Switch for Microsoft Hyper-V versions antérieures à 5.2(1)SV3(4.1a)
Cisco N/A Cisco Cloud Services Router 1000V Series
Cisco N/A Nexus 9000 Series Fabric Switches en mode ACI Mode aux versions antérieures à 13.2(7k)
Cisco N/A Firepower 4100 Series et Firepower 9300 Security versions antérieures à 2.2.2.91
Cisco N/A Nexus 9000 Series Fabric Switches en mode ACI Mode dans la branche 14.0 aux versions antérieures à 14.0(2c)
Cisco N/A Cisco ASR 1000 Series Aggregation Services Routers
Cisco N/A Nexus 1000 Virtual Edge for VMware vSphere, versions antérieures à 5.2(1)SV5(1.2)
References

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Integrated Services Virtual Router",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 9500 R-Series Switches et Nexus 9000 Series Switches en mode Standalone NX-OS versions ant\u00e9rieures \u00e0 9.2(3)",
      "product": {
        "name": "NX-OS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 7000 et 7700 Series Switches dans les branches 8.0, 8.1 et 8.2 aux versions ant\u00e9rieures \u00e0 8.2(3)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 9000 Series Fabric Switches en mode ACI Mode dans la branche 14.1 aux versions ant\u00e9rieures \u00e0 14.1(1i)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Firepower 4100 Series et Firepower 9300 Security dans la branche 2.4 aux versions ant\u00e9rieures \u00e0 2.4.1.222",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "UCS 6200, 6300 et 6400 Series Fabric Interconnects dans toutes les versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 7000 et 7700 Series Switches dans les branches 7.x aux versions ant\u00e9rieures \u00e0 7.3(4)D1(1)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco 4000 Series Integrated Services Routers",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "MDS 9000 Series versions ant\u00e9rieures \u00e0 6.2(29) (Version pr\u00e9vue pour septembre 2019)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 7000 et 7700 Series Switches dans la branche 8.3 aux versions ant\u00e9rieures \u00e0 8.4(1)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 5500 et 5600 Platform Switches et Nexus 6000 Series Switches, versions ant\u00e9rieures \u00e0 7.1(5)N1(1b), ou, pour la branche 7.3, aux versions ant\u00e9rieures \u00e0 7.3(5)N1(1)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 7000 et 7700 Series Switches versions ant\u00e9rieures \u00e0 6.2(22)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "MDS 9000 Series dans les branches 7.3 \u00e0 8.4 aux versions ant\u00e9rieures \u00e0 8.4(1)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Firepower 4100 Series et Firepower 9300 Security dans la branche 2.3 aux versions ant\u00e9rieures \u00e0 2.3.1.130",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 1000V Switch for Microsoft Hyper-V versions ant\u00e9rieures \u00e0 5.2(1)SV3(4.1a)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Cloud Services Router 1000V Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 9000 Series Fabric Switches en mode ACI Mode aux versions ant\u00e9rieures \u00e0 13.2(7k)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Firepower 4100 Series et Firepower 9300 Security versions ant\u00e9rieures \u00e0 2.2.2.91",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 9000 Series Fabric Switches en mode ACI Mode dans la branche 14.0 aux versions ant\u00e9rieures \u00e0 14.0(2c)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASR 1000 Series Aggregation Services Routers",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Nexus 1000 Virtual Edge for VMware vSphere, versions ant\u00e9rieures \u00e0 5.2(1)SV5(1.2)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-1964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1964"
    },
    {
      "name": "CVE-2019-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1962"
    },
    {
      "name": "CVE-2019-12643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12643"
    },
    {
      "name": "CVE-2019-1965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1965"
    },
    {
      "name": "CVE-2019-1966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1966"
    },
    {
      "name": "CVE-2019-1963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1963"
    }
  ],
  "initial_release_date": "2019-08-29T00:00:00",
  "last_revision_date": "2019-08-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-414",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-08-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service, un\ncontournement de la politique de s\u00e9curit\u00e9 et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco sur NX-OS Software IPv6 du 28 ao\u00fbt 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ipv6-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco sur IOS XE Software du 29 ao\u00fbt 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco sur UCS du 28 ao\u00fbt 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-ucs-privescalation"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco sur NX-OS Software Cisco Fabric Services over IP du 28 ao\u00fbt 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco sur FX et NX-OS Software du 28 ao\u00fbt 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco sur NX-OS Software Remote Management du 28 ao\u00fbt 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-memleak-dos"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.