Lucene search

CiscoCVELIST:CVE-2019-15966

HistoryNov 05, 2019 - 7:05 p.m.

CVE-2019-15966

2019-11-0519:05:37

CWE-20

cisco

www.cve.org

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

41.8%

JSON

A vulnerability in the web application of Cisco TelePresence Advanced Media Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the lack of input validation in the web application. An attacker could exploit this vulnerability by sending a crafted authenticated HTTP request to the device. An exploit could allow the attacker to stop services on an affected device. The device may become inoperable and results in a denial of service (DoS) condition.

CNA Affected

[
  {
    "product": "Cisco TelePresence Advanced Media Gateway",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "1.1"
      }
    ]
  }
]

References

quickview.cloudapps.cisco.com/quickview/bug/CSCvr69362

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

41.8%

JSON

Related for CVELIST:CVE-2019-15966