8.6
CVE-2019-12647
- EPSS 1.16%
- Veröffentlicht 25.09.2019 20:15:10
- Zuletzt bearbeitet 21.11.2024 04:23:15
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by opening a TCP connection to specific ports and sending traffic over that connection. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Ios Xe Versionfuji-16.7.1
Cisco ≫ 1100 Version-
Cisco ≫ 4221 Version-
Cisco ≫ 4321 Version-
Cisco ≫ 4351 Version-
Cisco ≫ 4431 Version-
Cisco ≫ 4451-x Version-
Cisco ≫ Asr 1000 Version-
Cisco ≫ Asr 1001-hx Version-
Cisco ≫ Asr 1001-x Version-
Cisco ≫ Asr 1002-hx Version-
Cisco ≫ Asr 1002-x Version-
Cisco ≫ Asr 900 Version-
Cisco ≫ Asr 920-10sz-pd Version-
Cisco ≫ Asr 920-12cz-a Version-
Cisco ≫ Asr 920-12cz-d Version-
Cisco ≫ Asr 920-12sz-im Version-
Cisco ≫ Asr 920-24sz-im Version-
Cisco ≫ Asr 920-24sz-m Version-
Cisco ≫ Asr 920-24tz-m Version-
Cisco ≫ Asr 920-4sz-a Version-
Cisco ≫ Asr 920-4sz-d Version-
Cisco ≫ Cloud Services Router 1000v Version-
Cisco ≫ Ncs 4201 Version-
Cisco ≫ Ncs 4202 Version-
Cisco ≫ Ncs 4206 Version-
Cisco ≫ Ncs 4216 Version-
Cisco ≫ Network Convergence System 520 Version-
Cisco ≫ 4221 Version-
Cisco ≫ 4321 Version-
Cisco ≫ 4351 Version-
Cisco ≫ 4431 Version-
Cisco ≫ 4451-x Version-
Cisco ≫ Asr 1000 Version-
Cisco ≫ Asr 1001-hx Version-
Cisco ≫ Asr 1001-x Version-
Cisco ≫ Asr 1002-hx Version-
Cisco ≫ Asr 1002-x Version-
Cisco ≫ Asr 900 Version-
Cisco ≫ Asr 920-10sz-pd Version-
Cisco ≫ Asr 920-12cz-a Version-
Cisco ≫ Asr 920-12cz-d Version-
Cisco ≫ Asr 920-12sz-im Version-
Cisco ≫ Asr 920-24sz-im Version-
Cisco ≫ Asr 920-24sz-m Version-
Cisco ≫ Asr 920-24tz-m Version-
Cisco ≫ Asr 920-4sz-a Version-
Cisco ≫ Asr 920-4sz-d Version-
Cisco ≫ Cloud Services Router 1000v Version-
Cisco ≫ Ncs 4201 Version-
Cisco ≫ Ncs 4202 Version-
Cisco ≫ Ncs 4206 Version-
Cisco ≫ Ncs 4216 Version-
Cisco ≫ Network Convergence System 520 Version-
Cisco ≫ Ios Xe Versionfuji-16.8.1
Cisco ≫ 1100 Version-
Cisco ≫ 4221 Version-
Cisco ≫ 4321 Version-
Cisco ≫ 4351 Version-
Cisco ≫ 4431 Version-
Cisco ≫ 4451-x Version-
Cisco ≫ Asr 1000 Version-
Cisco ≫ Asr 1001-hx Version-
Cisco ≫ Asr 1001-x Version-
Cisco ≫ Asr 1002-hx Version-
Cisco ≫ Asr 1002-x Version-
Cisco ≫ Asr 900 Version-
Cisco ≫ Asr 920-10sz-pd Version-
Cisco ≫ Asr 920-12cz-a Version-
Cisco ≫ Asr 920-12cz-d Version-
Cisco ≫ Asr 920-12sz-im Version-
Cisco ≫ Asr 920-24sz-im Version-
Cisco ≫ Asr 920-24sz-m Version-
Cisco ≫ Asr 920-24tz-m Version-
Cisco ≫ Asr 920-4sz-a Version-
Cisco ≫ Asr 920-4sz-d Version-
Cisco ≫ Cloud Services Router 1000v Version-
Cisco ≫ Ncs 4201 Version-
Cisco ≫ Ncs 4202 Version-
Cisco ≫ Ncs 4206 Version-
Cisco ≫ Ncs 4216 Version-
Cisco ≫ Network Convergence System 520 Version-
Cisco ≫ 4221 Version-
Cisco ≫ 4321 Version-
Cisco ≫ 4351 Version-
Cisco ≫ 4431 Version-
Cisco ≫ 4451-x Version-
Cisco ≫ Asr 1000 Version-
Cisco ≫ Asr 1001-hx Version-
Cisco ≫ Asr 1001-x Version-
Cisco ≫ Asr 1002-hx Version-
Cisco ≫ Asr 1002-x Version-
Cisco ≫ Asr 900 Version-
Cisco ≫ Asr 920-10sz-pd Version-
Cisco ≫ Asr 920-12cz-a Version-
Cisco ≫ Asr 920-12cz-d Version-
Cisco ≫ Asr 920-12sz-im Version-
Cisco ≫ Asr 920-24sz-im Version-
Cisco ≫ Asr 920-24sz-m Version-
Cisco ≫ Asr 920-24tz-m Version-
Cisco ≫ Asr 920-4sz-a Version-
Cisco ≫ Asr 920-4sz-d Version-
Cisco ≫ Cloud Services Router 1000v Version-
Cisco ≫ Ncs 4201 Version-
Cisco ≫ Ncs 4202 Version-
Cisco ≫ Ncs 4206 Version-
Cisco ≫ Ncs 4216 Version-
Cisco ≫ Network Convergence System 520 Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.16% | 0.766 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
| psirt@cisco.com | 8.6 | 3.9 | 4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.