—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Small Business Series Switches Simple Network Management Protocol Denial of Service Vulnerability

Advisory ID: cisco-sa-20190515-sb-snmpdos

Revision: 1.0

For Public Release: 2019 May 15 16:00 GMT

Last Updated: 2019 May 15 16:00 GMT

CVE ID(s): CVE-2019-1806

CVSS Score v(3): 7.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary

=======

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations.

The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a malicious SNMP packet to an affected device. A successful exploit could allow the attacker to cause the device to cease forwarding traffic, which could result in a denial of service (DoS) condition.

Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb-snmpdos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb-snmpdos”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJc3DqwXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczDZAQALJp4TQCARPeGLf0fhr3ptv+aJZ5
0hCk/294IOrJcGrvNH1rOkQLvnyY6i9Wy33DGc2VhOuaUVHoCqLscrhSvcWPVWak
ZvseIgzaY7LSpFV12d8XvxPrQg8mJr/0hhM/lkDIBkOyuTQ5kNkjh0B/cRfK4+ua
QPZAMoI/cnLZLfolckCa55RsKSQBM19vKDLCIX0rCZJ1BoH7gBlqqRQ1GiN80H5j
F3oQjoO7IeHGHwsyxa+cMDi9qn3S85GPS/+OnZahnNI6sDqHDjqtBoHUIr7KxXLV
NezsfD19me5PRZp/vZDcX/cq4U8pQTUGLyKBE7rUKD/+WZayC7OMmBoZvT+5VeKK
Ricuoclms/+vhzmFCh5IAlLwAt1bhPCAnK8REG2iI+gOEUwNCol2WLNsdnahEibk
4wiQpRIiM/hq2AWq+k8AtcDF2KXzOuq47tKPzi2OCDDzXKt9fgx7eDoFGg0agUOd
ZJ3fEGVhEAJQoB4SvLLNJqSGTpM7Cw5gvv4YdQy+pak4qqUV2yMwwEiqq1XN0x4a
IZMrM8uEXeuM15Askwi2DxDVRhEcIlgBiIaODMQuso13qq2wPLE967jCDI1bTJai
YP9bnCqhJgiwh1mApj5/FZEAx7n6zN+egPvMrB3SVNcX+Vr2999oN18YJbGta46J
1q3cPT2cMZhdo6Rf
=Fky3
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com