====================================================================

                          CERT-Renater

               Information Note No. 2019/VULN073
_____________________________________________________________________

DATE                 : 28/03/2019

HARDWARE PLATFORM(S) : /

OPERATING SYSTEM(S)  : Cisco IOS, Cisco IOS XE.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-eta-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-sms-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-cmp-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-xecmd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-afu
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-privesc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-cmdinject
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-pe
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-cmdinj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-rsp3-ospf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-xeid
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-evss
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nat64
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-isdn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-pnp-cert
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nbar
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2019-March-27.

The following PSIRT security advisories (17 High) were published at 16:00 UTC today.

Table of Contents:

1) Cisco IOS XE Software Encrypted Traffic Analytics Denial of Service Vulnerability - SIR: High
2) Cisco IOS and IOS XE Software Short Message Service Denial of Service Vulnerability - SIR: High
3) Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability - SIR: High
4) Cisco IOS XE Software Command Injection Vulnerability - SIR: High
5) Cisco IOS XE Software Arbitrary File Upload Vulnerability - SIR: High
6) Cisco IOS XE Software Privilege Escalation Vulnerability - SIR: High
7) Cisco IOS XE Software Command Injection Vulnerability - SIR: High
8) Cisco IOS XE Software Privilege Escalation Vulnerability - SIR: High
9) Cisco IOS XE Software Command Injection Vulnerability - SIR: High
10) Cisco Aggregation Services Router 900 Route Switch Processor 3 OSPFv2 Denial of Service Vulnerability - SIR: High
11) Cisco IOS XE Software Information Disclosure Vulnerability - SIR: High
12) Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability - SIR: High
13) Cisco IOS Software NAT64 Denial of Service Vulnerability - SIR: High
14) Cisco IOS and IOS XE Software ISDN Interface Denial of Service Vulnerability - SIR: High
15) Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability - SIR: High
16) Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability - SIR: High
17) Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities - SIR: High

+--------------------------------------------------------------------

1) Cisco IOS XE Software Encrypted Traffic Analytics Denial of Service Vulnerability

CVE-2019-1741

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-eta-dos

+--------------------------------------------------------------------

2) Cisco IOS and IOS XE Software Short Message Service Denial of Service Vulnerability

CVE-2019-1747

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-sms-dos

+--------------------------------------------------------------------

3) Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability

CVE-2019-1746

SIR: High

CVSS Score v(3.0): 7.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-cmp-dos

+--------------------------------------------------------------------

4) Cisco IOS XE Software Command Injection Vulnerability

CVE-2019-1745

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-xecmd

+--------------------------------------------------------------------

5) Cisco IOS XE Software Arbitrary File Upload Vulnerability

CVE-2019-1743

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-afu

+--------------------------------------------------------------------

6) Cisco IOS XE Software Privilege Escalation Vulnerability

CVE-2019-1754

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-privesc

+--------------------------------------------------------------------

7) Cisco IOS XE Software Command Injection Vulnerability

CVE-2019-1756

SIR: High

CVSS Score v(3.0): 7.2

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-cmdinject

+--------------------------------------------------------------------

8) Cisco IOS XE Software Privilege Escalation Vulnerability

CVE-2019-1753

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-pe

+--------------------------------------------------------------------

9) Cisco IOS XE Software Command Injection Vulnerability

CVE-2019-1755

SIR: High

CVSS Score v(3.0): 6.5

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-cmdinj

+--------------------------------------------------------------------

10) Cisco Aggregation Services Router 900 Route Switch Processor 3 OSPFv2 Denial of Service Vulnerability

CVE-2019-1749

SIR: High

CVSS Score v(3.0): 7.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-rsp3-ospf

+--------------------------------------------------------------------

11) Cisco IOS XE Software Information Disclosure Vulnerability

CVE-2019-1742

SIR: High

CVSS Score v(3.0): 7.5

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-xeid

+--------------------------------------------------------------------

12) Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability

CVE-2019-1750

SIR: High

CVSS Score v(3.0): 7.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-evss

+--------------------------------------------------------------------

13) Cisco IOS Software NAT64 Denial of Service Vulnerability

CVE-2019-1751

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nat64

+--------------------------------------------------------------------

14) Cisco IOS and IOS XE Software ISDN Interface Denial of Service Vulnerability

CVE-2019-1752

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-isdn

+--------------------------------------------------------------------

15) Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability

CVE-2019-1748

SIR: High

CVSS Score v(3.0): 7.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-pnp-cert

+--------------------------------------------------------------------

16) Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability

CVE-2019-1737

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos

+--------------------------------------------------------------------

17) Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities

CVE-2019-1738, CVE-2019-1739, CVE-2019-1740

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nbar

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================