Sep 25, 2019 - 9:15 p.m.

CVE-2019-12663

2019-09-25 21:15:11
CWE-20
cisco
web.nvd.nist.gov
Tags: cve-2019-12663, cisco, trustsec, cts, pac, provisioning module, ios xe software, vulnerability, nvd, denial of service, dos, radius, message, attribute validation, remote attacker

CVSS2: 7.8

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3: 8.6

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score: 8.4
Confidence: High

EPSS: 0.002
Percentile: 52.7%

A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.

Affected configurations

NVD

Node

cisco ios_xe, version match:
16.6.4
OR
16.12.1

AND

cisco hardware, version match "-", any of the following (OR):
catalyst_9300-24p-a
catalyst_9300-24p-e
catalyst_9300-24s-a
catalyst_9300-24s-e
catalyst_9300-24t-a
catalyst_9300-24t-e
catalyst_9300-24u-a
catalyst_9300-24u-e
catalyst_9300-24ux-a
catalyst_9300-24ux-e
catalyst_9300-48p-a
catalyst_9300-48p-e
catalyst_9300-48s-a
catalyst_9300-48s-e
catalyst_9300-48t-a
catalyst_9300-48t-e
catalyst_9300-48u-a
catalyst_9300-48u-e
catalyst_9300-48un-a
catalyst_9300-48un-e
catalyst_9300-48uxm-a
catalyst_9300-48uxm-e
catalyst_9300l-24p-4g-a
catalyst_9300l-24p-4g-e
catalyst_9300l-24p-4x-a
catalyst_9300l-24p-4x-e
catalyst_9300l-24t-4g-a
catalyst_9300l-24t-4g-e
catalyst_9300l-24t-4x-a
catalyst_9300l-24t-4x-e
catalyst_9300l-48p-4g-a
catalyst_9300l-48p-4g-e
catalyst_9300l-48p-4x-a
catalyst_9300l-48p-4x-e
catalyst_9300l-48t-4g-a
catalyst_9300l-48t-4g-e
catalyst_9300l-48t-4x-a
catalyst_9300l-48t-4x-e
catalyst_9300l_stack
catalyst_c9500-12q-a
catalyst_c9500-12q-e
catalyst_c9500-16x-a
catalyst_c9500-16x-e
catalyst_c9500-24q-a
catalyst_c9500-24q-e
catalyst_c9500-40x-a
catalyst_c9500-40x-e
cbr-8_converged_broadband_router

Vendor | Product | Version | CPE
cisco | ios_xe | 16.6.4 | cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*
cisco | ios_xe | 16.12.1 | cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*
cisco | catalyst_9300-24p-a | - | cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*
cisco | catalyst_9300-24p-e | - | cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*
cisco | catalyst_9300-24s-a | - | cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*
cisco | catalyst_9300-24s-e | - | cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*
cisco | catalyst_9300-24t-a | - | cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*
cisco | catalyst_9300-24t-e | - | cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*
cisco | catalyst_9300-24u-a | - | cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*
cisco | catalyst_9300-24u-e | - | cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Cisco IOS XE Software",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]
