Lucene search

CiscoCVE-2019-1760

HistoryMar 28, 2019 - 1:29 a.m.

CVE-2019-1760

2019-03-2801:29:00

CWE-20

cisco

web.nvd.nist.gov

cve-2019-1760

cisco

ios xe

performance routing

pfrv3

vulnerability

remote

dos

nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

48.3%

JSON

A vulnerability in Performance Routing Version 3 (PfRv3) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets. An attacker could exploit this vulnerability by sending specially crafted smart probe packets at the affected device. A successful exploit could allow the attacker to reload the device, resulting in a denial of service (DoS) attack on an affected system.

Affected configurations

Nvd

Vulners

Node

ciscoios_xeMatch3.2.0ja

ciscoios_xeMatch3.16.4as

ciscoios_xeMatch3.16.4bs

ciscoios_xeMatch3.16.4cs

ciscoios_xeMatch3.16.4ds

ciscoios_xeMatch3.16.4es

ciscoios_xeMatch3.16.4gs

ciscoios_xeMatch3.16.4s

ciscoios_xeMatch3.16.5as

ciscoios_xeMatch3.16.5bs

ciscoios_xeMatch3.16.5s

ciscoios_xeMatch3.16.6bs

ciscoios_xeMatch3.16.6s

ciscoios_xeMatch3.16.7as

ciscoios_xeMatch3.16.7bs

ciscoios_xeMatch3.16.7s

ciscoios_xeMatch16.3.2

ciscoios_xeMatch16.3.3

ciscoios_xeMatch16.3.4

ciscoios_xeMatch16.3.5

ciscoios_xeMatch16.3.5b

ciscoios_xeMatch16.3.6

ciscoios_xeMatch16.4.1

ciscoios_xeMatch16.4.2

ciscoios_xeMatch16.4.3

ciscoios_xeMatch16.5.1

ciscoios_xeMatch16.5.1a

ciscoios_xeMatch16.5.1b

ciscoios_xeMatch16.5.2

ciscoios_xeMatch16.5.3

ciscoios_xeMatch16.6.1

ciscoios_xeMatch16.6.2

ciscoios_xeMatch16.6.3

ciscoios_xeMatch16.7.1

ciscoios_xeMatch16.7.1a

ciscoios_xeMatch16.7.1b

ciscoios_xeMatch16.8.1

ciscoios_xeMatch16.8.1a

ciscoios_xeMatch16.8.1b

ciscoios_xeMatch16.8.1c

ciscoios_xeMatch16.8.1s

VendorProductVersionCPE
ciscoios_xe3.2.0jacpe:2.3:o:cisco:ios_xe:3.2.0ja:*:*:*:*:*:*:*
ciscoios_xe3.16.4ascpe:2.3:o:cisco:ios_xe:3.16.4as:*:*:*:*:*:*:*
ciscoios_xe3.16.4bscpe:2.3:o:cisco:ios_xe:3.16.4bs:*:*:*:*:*:*:*
ciscoios_xe3.16.4cscpe:2.3:o:cisco:ios_xe:3.16.4cs:*:*:*:*:*:*:*
ciscoios_xe3.16.4dscpe:2.3:o:cisco:ios_xe:3.16.4ds:*:*:*:*:*:*:*
ciscoios_xe3.16.4escpe:2.3:o:cisco:ios_xe:3.16.4es:*:*:*:*:*:*:*
ciscoios_xe3.16.4gscpe:2.3:o:cisco:ios_xe:3.16.4gs:*:*:*:*:*:*:*
ciscoios_xe3.16.4scpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*
ciscoios_xe3.16.5ascpe:2.3:o:cisco:ios_xe:3.16.5as:*:*:*:*:*:*:*
ciscoios_xe3.16.5bscpe:2.3:o:cisco:ios_xe:3.16.5bs:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	3.2.0ja	cpe:2.3:o:cisco:ios_xe:3.2.0ja:::::::*
cisco	ios_xe	3.16.4as	cpe:2.3:o:cisco:ios_xe:3.16.4as:::::::*
cisco	ios_xe	3.16.4bs	cpe:2.3:o:cisco:ios_xe:3.16.4bs:::::::*
cisco	ios_xe	3.16.4cs	cpe:2.3:o:cisco:ios_xe:3.16.4cs:::::::*
cisco	ios_xe	3.16.4ds	cpe:2.3:o:cisco:ios_xe:3.16.4ds:::::::*
cisco	ios_xe	3.16.4es	cpe:2.3:o:cisco:ios_xe:3.16.4es:::::::*
cisco	ios_xe	3.16.4gs	cpe:2.3:o:cisco:ios_xe:3.16.4gs:::::::*
cisco	ios_xe	3.16.4s	cpe:2.3:o:cisco:ios_xe:3.16.4s:::::::*
cisco	ios_xe	3.16.5as	cpe:2.3:o:cisco:ios_xe:3.16.5as:::::::*
cisco	ios_xe	3.16.5bs	cpe:2.3:o:cisco:ios_xe:3.16.5bs:::::::*

Rows per page:

1-10 of 411

CNA Affected

[
  {
    "product": "Cisco IOS XE Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "3.16.4S"
      },
      {
        "status": "affected",
        "version": "3.16.4aS"
      },
      {
        "status": "affected",
        "version": "3.16.4bS"
      },
      {
        "status": "affected",
        "version": "3.16.4gS"
      },
      {
        "status": "affected",
        "version": "3.16.5S"
      },
      {
        "status": "affected",
        "version": "3.16.4cS"
      },
      {
        "status": "affected",
        "version": "3.16.4dS"
      },
      {
        "status": "affected",
        "version": "3.16.4eS"
      },
      {
        "status": "affected",
        "version": "3.16.6S"
      },
      {
        "status": "affected",
        "version": "3.16.5aS"
      },
      {
        "status": "affected",
        "version": "3.16.5bS"
      },
      {
        "status": "affected",
        "version": "3.16.7S"
      },
      {
        "status": "affected",
        "version": "3.16.6bS"
      },
      {
        "status": "affected",
        "version": "3.16.7aS"
      },
      {
        "status": "affected",
        "version": "3.16.7bS"
      },
      {
        "status": "affected",
        "version": "3.2.0JA"
      },
      {
        "status": "affected",
        "version": "16.3.2"
      },
      {
        "status": "affected",
        "version": "16.3.3"
      },
      {
        "status": "affected",
        "version": "16.3.4"
      },
      {
        "status": "affected",
        "version": "16.3.5"
      },
      {
        "status": "affected",
        "version": "16.3.5b"
      },
      {
        "status": "affected",
        "version": "16.3.6"
      },
      {
        "status": "affected",
        "version": "16.4.1"
      },
      {
        "status": "affected",
        "version": "16.4.2"
      },
      {
        "status": "affected",
        "version": "16.4.3"
      },
      {
        "status": "affected",
        "version": "16.5.1"
      },
      {
        "status": "affected",
        "version": "16.5.1a"
      },
      {
        "status": "affected",
        "version": "16.5.1b"
      },
      {
        "status": "affected",
        "version": "16.5.2"
      },
      {
        "status": "affected",
        "version": "16.5.3"
      },
      {
        "status": "affected",
        "version": "16.6.1"
      },
      {
        "status": "affected",
        "version": "16.6.2"
      },
      {
        "status": "affected",
        "version": "16.6.3"
      },
      {
        "status": "affected",
        "version": "16.7.1"
      },
      {
        "status": "affected",
        "version": "16.7.1a"
      },
      {
        "status": "affected",
        "version": "16.7.1b"
      },
      {
        "status": "affected",
        "version": "16.8.1"
      },
      {
        "status": "affected",
        "version": "16.8.1a"
      },
      {
        "status": "affected",
        "version": "16.8.1b"
      },
      {
        "status": "affected",
        "version": "16.8.1s"
      },
      {
        "status": "affected",
        "version": "16.8.1c"
      }
    ]
  }
]

References

www.securityfocus.com/bid/107611

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-pfrv3

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

48.3%

JSON

Related for CVE-2019-1760