Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2019-1910
HistoryAug 07, 2019 - 9:15 p.m.

CVE-2019-1910

2019-08-0721:15:11
CWE-20
cisco
web.nvd.nist.gov
94
cve-2019-1910
cisco
ios xr software
is-is
denial of service
dos
vulnerability

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

26.7%

JSON

A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS–IS area to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of crafted IS–IS link-state protocol data units (PDUs). An attacker could exploit this vulnerability by sending a crafted link-state PDU to an affected system to be processed. A successful exploit could allow the attacker to cause all routers within the IS–IS area to unexpectedly restart the IS–IS process, resulting in a DoS condition. This vulnerability affects Cisco devices if they are running a vulnerable release of Cisco IOS XR Software earlier than Release 6.6.3 and are configured with the IS–IS routing protocol. Cisco has confirmed that this vulnerability affects both Cisco IOS XR 32-bit Software and Cisco IOS XR 64-bit Software.

Affected configurations

Nvd
Vulners
Node
ciscoios_xrRange<6.6.3
Node
ciscocarrier_routing_systemMatch7.0.1
VendorProductVersionCPE
ciscoios_xr*cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*
ciscocarrier_routing_system7.0.1cpe:2.3:a:cisco:carrier_routing_system:7.0.1:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Cisco IOS XR Software",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "6.6.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
cisco 1
cvelist 1
nvd 1
nessus 1
prion
prion
Race condition
2019-08-07 21:15:00
cisco
cisco
Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
2019-08-07 16:00:00
cvelist
cvelist
CVE-2019-1910 Cisco IOS XR Software Intermediate System to Intermediate System Denial of Service Vulnerability
2019-08-07 21:00:18
nvd
nvd
CVE-2019-1910
2019-08-07 21:15:11
nessus
nessus
Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
2019-08-16 00:00:00

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

26.7%

JSON
Related for CVE-2019-1910
prion1cisco1cvelist1nvd1nessus1