Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2019-1635
HistoryMay 03, 2019 - 3:29 p.m.

CVE-2019-1635

2019-05-0315:29:00
CWE-399
CWE-755
[email protected]
web.nvd.nist.gov
1

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

52.6%

JSON

A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete error handling when XML data within a SIP packet is parsed. An attacker could exploit this vulnerability by sending a SIP packet that contains a malicious XML payload to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition.

Affected configurations

Nvd
Node
ciscoip_conference_phone_7832_firmwareMatch9.3\(4\)sr3
OR
ciscoip_conference_phone_7832_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_conference_phone_7832_firmwareMatch11.0\(4\)sr2
OR
ciscoip_conference_phone_7832_firmwareMatch12.1\(1\)sr1
AND
ciscoip_conference_phone_7832Match-
Node
ciscoip_conference_phone_8832_firmwareMatch9.3\(4\)sr3
OR
ciscoip_conference_phone_8832_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_conference_phone_8832_firmwareMatch11.0\(4\)sr2
OR
ciscoip_conference_phone_8832_firmwareMatch12.1\(1\)sr1
AND
ciscoip_conference_phone_8832Match-
Node
ciscoip_phone_7811_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_7811_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_7811_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_7811_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_7811Match-
Node
ciscoip_phone_7821_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_7821_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_7821_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_7821_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_7821Match-
Node
ciscoip_phone_7841_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_7841_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_7841_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_7841_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_7841Match-
Node
ciscoip_phone_7861_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_7861_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_7861_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_7861_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_7861Match-
Node
ciscoip_phone_8811_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_8811_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_8811_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_8811_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_8811Match-
Node
ciscoip_phone_8841_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_8841_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_8841_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_8841_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_8841Match-
Node
ciscoip_phone_8845_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_8845_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_8845_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_8845_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_8845Match-
Node
ciscoip_phone_8851_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_8851_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_8851_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_8851_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_8851Match-
Node
ciscoip_phone_8861_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_8861_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_8861_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_8861_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_8861Match-
Node
ciscoip_phone_8865_firmwareMatch9.3\(4\)sr3
OR
ciscoip_phone_8865_firmwareMatch10.3\(1\)sr4b
OR
ciscoip_phone_8865_firmwareMatch11.0\(4\)sr2
OR
ciscoip_phone_8865_firmwareMatch12.1\(1\)sr1
AND
ciscoip_phone_8865Match-
Node
ciscounified_ip_8831_conference_phone1_firmwareMatch9.3\(4\)sr3
OR
ciscounified_ip_8831_conference_phone1_firmwareMatch10.3\(1\)sr4b
OR
ciscounified_ip_8831_conference_phone1_firmwareMatch11.0\(4\)sr2
OR
ciscounified_ip_8831_conference_phone1_firmwareMatch12.1\(1\)sr1
AND
ciscounified_ip_8831_conference_phone1Match-
Node
ciscounified_ip_8831_conference_phone_for_third-party_call_control2_firmwareMatch9.3\(4\)sr3
OR
ciscounified_ip_8831_conference_phone_for_third-party_call_control2_firmwareMatch10.3\(1\)sr4b
OR
ciscounified_ip_8831_conference_phone_for_third-party_call_control2_firmwareMatch11.0\(4\)sr2
OR
ciscounified_ip_8831_conference_phone_for_third-party_call_control2_firmwareMatch12.1\(1\)sr1
AND
ciscounified_ip_8831_conference_phone_for_third-party_call_control2Match-
Node
ciscowireless_ip_phone_8821_firmwareMatch9.3\(4\)sr3
OR
ciscowireless_ip_phone_8821_firmwareMatch10.3\(1\)sr4b
OR
ciscowireless_ip_phone_8821_firmwareMatch11.0\(4\)sr2
OR
ciscowireless_ip_phone_8821_firmwareMatch12.1\(1\)sr1
AND
ciscowireless_ip_phone_8821Match-
Node
ciscowireless_ip_phone_8821-ex_firmwareMatch9.3\(4\)sr3
OR
ciscowireless_ip_phone_8821-ex_firmwareMatch10.3\(1\)sr4b
OR
ciscowireless_ip_phone_8821-ex_firmwareMatch11.0\(4\)sr2
OR
ciscowireless_ip_phone_8821-ex_firmwareMatch12.1\(1\)sr1
AND
ciscowireless_ip_phone_8821-exMatch-
VendorProductVersionCPE
ciscoip_conference_phone_7832_firmware9.3(4)sr3cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:9.3\(4\)sr3:*:*:*:*:*:*:*
ciscoip_conference_phone_7832_firmware10.3(1)sr4bcpe:2.3:o:cisco:ip_conference_phone_7832_firmware:10.3\(1\)sr4b:*:*:*:*:*:*:*
ciscoip_conference_phone_7832_firmware11.0(4)sr2cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:11.0\(4\)sr2:*:*:*:*:*:*:*
ciscoip_conference_phone_7832_firmware12.1(1)sr1cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:12.1\(1\)sr1:*:*:*:*:*:*:*
ciscoip_conference_phone_7832-cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*
ciscoip_conference_phone_8832_firmware9.3(4)sr3cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:9.3\(4\)sr3:*:*:*:*:*:*:*
ciscoip_conference_phone_8832_firmware10.3(1)sr4bcpe:2.3:o:cisco:ip_conference_phone_8832_firmware:10.3\(1\)sr4b:*:*:*:*:*:*:*
ciscoip_conference_phone_8832_firmware11.0(4)sr2cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:11.0\(4\)sr2:*:*:*:*:*:*:*
ciscoip_conference_phone_8832_firmware12.1(1)sr1cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:12.1\(1\)sr1:*:*:*:*:*:*:*
ciscoip_conference_phone_8832-cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 801

Related

prion 1
nessus 1
cve 1
cisco 1
cvelist 1
threatpost 1
prion
prion
Race condition
2019-05-03 15:29:00
nessus
nessus
Cisco IP Phones 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service (CVE-2019-1635)
2024-03-18 00:00:00
cve
cve
CVE-2019-1635
2019-05-03 15:29:00
cisco
cisco
Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability
2019-05-01 16:00:00
cvelist
cvelist
CVE-2019-1635 Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability
2019-05-03 14:55:27
threatpost
threatpost
Cisco Warns of Critical Nexus 9000 Data Center Flaw
2019-05-02 15:24:10

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

52.6%

JSON
Related for NVD:CVE-2019-1635
prion1nessus1cve1cisco1cvelist1threatpost1