Cisco IP Phone 7800/IP Phone 8800 up to 12.6 Link Layer Discovery Protocol LDP Packet resource management
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.7 | $0-$5k | 0.00 |
A vulnerability classified as problematic was found in Cisco IP Phone 7800 and IP Phone 8800 up to 12.6 (IP Phone Software). This vulnerability affects an unknown code of the component Link Layer Discovery Protocol. The manipulation as part of a LDP Packet leads to a resource management vulnerability. The CWE definition for the vulnerability is CWE-399. As an impact it is known to affect availability. CVE summarizes:
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected.
The bug was discovered 02/20/2019. The weakness was released 02/21/2019 as cisco-sa-20190220-cdp-lldp-dos as confirmed advisory (Website). The advisory is available at tools.cisco.com. This vulnerability was named CVE-2019-1684 since 12/06/2018. The attack needs to be initiated within the local network. No form of authentication is required for a successful exploitation. The technical details are unknown and an exploit is not available.
The vulnerability was handled as a non-public zero-day exploit for at least 1 days. During that time the estimated underground price was around $5k-$25k.
Upgrading to version 12.6(1)MN80 eliminates this vulnerability.
Product
Type
Vendor
Name
Version
License
Support
- end of life (old version)
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.8VulDB Meta Temp Score: 5.7
VulDB Base Score: 4.3
VulDB Temp Score: 4.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 6.5
NVD Vector: 🔍
CNA Base Score: 6.5
CNA Vector (Cisco Systems, Inc.): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Resource managementCWE: CWE-399 / CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Partially
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: IP Phone 7800/IP Phone 8800 12.6(1)MN80
Timeline
12/06/2018 🔍02/20/2019 🔍
02/21/2019 🔍
02/22/2019 🔍
07/19/2023 🔍
Sources
Vendor: cisco.comAdvisory: cisco-sa-20190220-cdp-lldp-dos
Status: Confirmed
CVE: CVE-2019-1684 (🔍)
SecurityFocus: 107104
Entry
Created: 02/22/2019 06:54Updated: 07/19/2023 07:34
Changes: 02/22/2019 06:54 (61), 05/12/2020 07:32 (1), 07/19/2023 07:28 (4), 07/19/2023 07:34 (12)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.