8.6

CVE-2019-12658

EPSS 1.03%
Veröffentlicht 25.09.2019 21:15:10
Zuletzt bearbeitet 21.11.2024 04:23:17
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to ineffective management of the underlying filesystem resources. An attacker could exploit this vulnerability by performing specific actions that result in messages being sent to specific operating system log files. A successful exploit could allow the attacker to exhaust available filesystem space on an affected device. This could cause the device to crash and reload, resulting in a DoS condition for clients whose network traffic is transiting the device. Upon reload of the device, the impacted filesystem space is cleared, and the device will return to normal operation. However, continued exploitation of this vulnerability could cause subsequent forced crashes and reloads, which could lead to an extended DoS condition.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Xe Version16.6.1

   Cisco ≫ 1100 Integrated Services R Version-
   Cisco ≫ 4221 Integrated Services R Version-
   Cisco ≫ 4321 Integrated Services R Version-
   Cisco ≫ 4331 Integrated Services R Version-
   Cisco ≫ 4351 Integrated Services R Version-
   Cisco ≫ 4431 Integrated Services R Version-
   Cisco ≫ 4451-x Integrated Services R Version-
   Cisco ≫ Asr 1000 Version-
   Cisco ≫ Asr 1001-hx R Version-
   Cisco ≫ Asr 1001-x R Version-
   Cisco ≫ Asr 1002-hx R Version-
   Cisco ≫ Asr 1002-x R Version-
   Cisco ≫ Asr 900 Version-
   Cisco ≫ Asr 900 Version-
   Cisco ≫ Asr 920-10sz-pd R Version-
   Cisco ≫ Asr 920-12cz-a R Version-
   Cisco ≫ Asr 920-12cz-d R Version-
   Cisco ≫ Asr 920-12sz-im R Version-
   Cisco ≫ Asr 920-24sz-im R Version-
   Cisco ≫ Asr 920-24sz-m R Version-
   Cisco ≫ Asr 920-24tz-m R Version-
   Cisco ≫ Asr 920-4sz-a R Version-
   Cisco ≫ Asr 920-4sz-d R Version-
   Cisco ≫ Catalyst 3650-12x48uq-e Version-
   Cisco ≫ Catalyst 3650-12x48uq-l Version-
   Cisco ≫ Catalyst 3650-12x48uq-s Version-
   Cisco ≫ Catalyst 3650-12x48ur-e Version-
   Cisco ≫ Catalyst 3650-12x48ur-l Version-
   Cisco ≫ Catalyst 3650-12x48ur-s Version-
   Cisco ≫ Catalyst 3650-12x48uz-e Version-
   Cisco ≫ Catalyst 3650-24pd-e Version-
   Cisco ≫ Catalyst 3650-24pd-l Version-
   Cisco ≫ Catalyst 3650-24pd-s Version-
   Cisco ≫ Catalyst 3650-24pdm-e Version-
   Cisco ≫ Catalyst 3650-24pdm-l Version-
   Cisco ≫ Catalyst 3650-24pdm-s Version-
   Cisco ≫ Catalyst 3650-24ps-e Version-
   Cisco ≫ Catalyst 3650-24ps-l Version-
   Cisco ≫ Catalyst 3650-24ps-s Version-
   Cisco ≫ Catalyst 3650-24td-e Version-
   Cisco ≫ Catalyst 3650-24td-l Version-
   Cisco ≫ Catalyst 3650-24td-s Version-
   Cisco ≫ Catalyst 3650-24ts-e Version-
   Cisco ≫ Catalyst 3650-24ts-l Version-
   Cisco ≫ Catalyst 3650-24ts-s Version-
   Cisco ≫ Catalyst 3650-48fd-e Version-
   Cisco ≫ Catalyst 3650-48fd-l Version-
   Cisco ≫ Catalyst 3650-48fd-s Version-
   Cisco ≫ Catalyst 3650-48fq-e Version-
   Cisco ≫ Catalyst 3650-48fq-l Version-
   Cisco ≫ Catalyst 3650-48fq-s Version-
   Cisco ≫ Catalyst 3650-48fqm-e Version-
   Cisco ≫ Catalyst 3650-48fqm-l Version-
   Cisco ≫ Catalyst 3650-48fqm-s Version-
   Cisco ≫ Catalyst 3650-48fs-e Version-
   Cisco ≫ Catalyst 3650-48fs-l Version-
   Cisco ≫ Catalyst 3650-48fs-s Version-
   Cisco ≫ Catalyst 3650-48pd-e Version-
   Cisco ≫ Catalyst 3650-48pd-l Version-
   Cisco ≫ Catalyst 3650-48pd-s Version-
   Cisco ≫ Catalyst 3650-48pq-e Version-
   Cisco ≫ Catalyst 3650-48pq-l Version-
   Cisco ≫ Catalyst 3650-48pq-s Version-
   Cisco ≫ Catalyst 3650-48ps-e Version-
   Cisco ≫ Catalyst 3650-48ps-l Version-
   Cisco ≫ Catalyst 3650-48ps-s Version-
   Cisco ≫ Catalyst 3650-48td-e Version-
   Cisco ≫ Catalyst 3650-48td-l Version-
   Cisco ≫ Catalyst 3650-48td-s Version-
   Cisco ≫ Catalyst 3650-48tq-e Version-
   Cisco ≫ Catalyst 3650-48tq-l Version-
   Cisco ≫ Catalyst 3650-48tq-s Version-
   Cisco ≫ Catalyst 3650-48ts-e Version-
   Cisco ≫ Catalyst 3650-48ts-l Version-
   Cisco ≫ Catalyst 3650-48ts-s Version-
   Cisco ≫ Catalyst 3650-8x24uq-e Version-
   Cisco ≫ Catalyst 3650-8x24uq-l Version-
   Cisco ≫ Catalyst 3650-8x24uq-s Version-
   Cisco ≫ Catalyst 3850-12s-e Version-
   Cisco ≫ Catalyst 3850-12s-s Version-
   Cisco ≫ Catalyst 3850-12xs-e Version-
   Cisco ≫ Catalyst 3850-12xs-s Version-
   Cisco ≫ Catalyst 3850-16xs-e Version-
   Cisco ≫ Catalyst 3850-16xs-s Version-
   Cisco ≫ Catalyst 3850-24p-e Version-
   Cisco ≫ Catalyst 3850-24p-l Version-
   Cisco ≫ Catalyst 3850-24p-s Version-
   Cisco ≫ Catalyst 3850-24s-e Version-
   Cisco ≫ Catalyst 3850-24s-s Version-
   Cisco ≫ Catalyst 3850-24t-e Version-
   Cisco ≫ Catalyst 3850-24t-l Version-
   Cisco ≫ Catalyst 3850-24t-s Version-
   Cisco ≫ Catalyst 3850-24u-e Version-
   Cisco ≫ Catalyst 3850-24u-l Version-
   Cisco ≫ Catalyst 3850-24u-s Version-
   Cisco ≫ Catalyst 3850-24xs-e Version-
   Cisco ≫ Catalyst 3850-24xs-s Version-
   Cisco ≫ Catalyst 3850-24xu-e Version-
   Cisco ≫ Catalyst 3850-24xu-l Version-
   Cisco ≫ Catalyst 3850-24xu-s Version-
   Cisco ≫ Catalyst 3850-32xs-e Version-
   Cisco ≫ Catalyst 3850-32xs-s Version-
   Cisco ≫ Catalyst 3850-48f-e Version-
   Cisco ≫ Catalyst 3850-48f-l Version-
   Cisco ≫ Catalyst 3850-48f-s Version-
   Cisco ≫ Catalyst 3850-48p-e Version-
   Cisco ≫ Catalyst 3850-48p-l Version-
   Cisco ≫ Catalyst 3850-48p-s Version-
   Cisco ≫ Catalyst 3850-48t-e Version-
   Cisco ≫ Catalyst 3850-48t-l Version-
   Cisco ≫ Catalyst 3850-48t-s Version-
   Cisco ≫ Catalyst 3850-48u-e Version-
   Cisco ≫ Catalyst 3850-48u-l Version-
   Cisco ≫ Catalyst 3850-48u-s Version-
   Cisco ≫ Catalyst 3850-48xs-e Version-
   Cisco ≫ Catalyst 3850-48xs-f-e Version-
   Cisco ≫ Catalyst 3850-48xs-f-s Version-
   Cisco ≫ Catalyst 3850-48xs-s Version-
   Cisco ≫ Catalyst 9300 Version-
   Cisco ≫ Catalyst 9300-24p-a Version-
   Cisco ≫ Catalyst 9300-24p-e Version-
   Cisco ≫ Catalyst 9300-24t-a Version-
   Cisco ≫ Catalyst 9300-24t-e Version-
   Cisco ≫ Catalyst 9300-24u-a Version-
   Cisco ≫ Catalyst 9300-24u-e Version-
   Cisco ≫ Catalyst 9300-48p-a Version-
   Cisco ≫ Catalyst 9300-48p-e Version-
   Cisco ≫ Catalyst 9300-48t-a Version-
   Cisco ≫ Catalyst 9300-48t-e Version-
   Cisco ≫ Catalyst 9300-48u-a Version-
   Cisco ≫ Catalyst 9300-48u-e Version-
   Cisco ≫ Catalyst 9400 Supervisor Engine-1 Version-
   Cisco ≫ Catalyst 9407r Version-
   Cisco ≫ Catalyst 9410r Version-
   Cisco ≫ Catalyst 9500 Version-
   Cisco ≫ Catalyst C3850-12x48u-e Version-
   Cisco ≫ Catalyst C3850-12x48u-l Version-
   Cisco ≫ Catalyst C3850-12x48u-s Version-
   Cisco ≫ Catalyst C9500-12q-a Version-
   Cisco ≫ Catalyst C9500-12q-e Version-
   Cisco ≫ Catalyst C9500-24q-a Version-
   Cisco ≫ Catalyst C9500-24q-e Version-
   Cisco ≫ Catalyst C9500-40x-a Version-
   Cisco ≫ Catalyst C9500-40x-e Version-
   Cisco ≫ Cloud Services R 1000v Version-
   Cisco ≫ Ncs 4201 Version-
   Cisco ≫ Ncs 4202 Version-
   Cisco ≫ Ncs 4206 Version-
   Cisco ≫ Ncs 4216 Version-
   Cisco ≫ Network Convergence System 520 Version-

Cisco ≫ Ios Xe Version16.8.1

   Cisco ≫ 1100 Integrated Services R Version-
   Cisco ≫ 4221 Integrated Services R Version-
   Cisco ≫ 4321 Integrated Services R Version-
   Cisco ≫ 4331 Integrated Services R Version-
   Cisco ≫ 4351 Integrated Services R Version-
   Cisco ≫ 4431 Integrated Services R Version-
   Cisco ≫ 4451-x Integrated Services R Version-
   Cisco ≫ Asr 1000 Version-
   Cisco ≫ Asr 1001-hx R Version-
   Cisco ≫ Asr 1001-x R Version-
   Cisco ≫ Asr 1002-hx R Version-
   Cisco ≫ Asr 1002-x R Version-
   Cisco ≫ Asr 900 Version-
   Cisco ≫ Asr 900 Version-
   Cisco ≫ Asr 920-10sz-pd R Version-
   Cisco ≫ Asr 920-12cz-a R Version-
   Cisco ≫ Asr 920-12cz-d R Version-
   Cisco ≫ Asr 920-12sz-im R Version-
   Cisco ≫ Asr 920-24sz-im R Version-
   Cisco ≫ Asr 920-24sz-m R Version-
   Cisco ≫ Asr 920-24tz-m R Version-
   Cisco ≫ Asr 920-4sz-a R Version-
   Cisco ≫ Asr 920-4sz-d R Version-
   Cisco ≫ Catalyst 3650-12x48uq-e Version-
   Cisco ≫ Catalyst 3650-12x48uq-l Version-
   Cisco ≫ Catalyst 3650-12x48uq-s Version-
   Cisco ≫ Catalyst 3650-12x48ur-e Version-
   Cisco ≫ Catalyst 3650-12x48ur-l Version-
   Cisco ≫ Catalyst 3650-12x48ur-s Version-
   Cisco ≫ Catalyst 3650-12x48uz-e Version-
   Cisco ≫ Catalyst 3650-24pd-e Version-
   Cisco ≫ Catalyst 3650-24pd-l Version-
   Cisco ≫ Catalyst 3650-24pd-s Version-
   Cisco ≫ Catalyst 3650-24pdm-e Version-
   Cisco ≫ Catalyst 3650-24pdm-l Version-
   Cisco ≫ Catalyst 3650-24pdm-s Version-
   Cisco ≫ Catalyst 3650-24ps-e Version-
   Cisco ≫ Catalyst 3650-24ps-l Version-
   Cisco ≫ Catalyst 3650-24ps-s Version-
   Cisco ≫ Catalyst 3650-24td-e Version-
   Cisco ≫ Catalyst 3650-24td-l Version-
   Cisco ≫ Catalyst 3650-24td-s Version-
   Cisco ≫ Catalyst 3650-24ts-e Version-
   Cisco ≫ Catalyst 3650-24ts-l Version-
   Cisco ≫ Catalyst 3650-24ts-s Version-
   Cisco ≫ Catalyst 3650-48fd-e Version-
   Cisco ≫ Catalyst 3650-48fd-l Version-
   Cisco ≫ Catalyst 3650-48fd-s Version-
   Cisco ≫ Catalyst 3650-48fq-e Version-
   Cisco ≫ Catalyst 3650-48fq-l Version-
   Cisco ≫ Catalyst 3650-48fq-s Version-
   Cisco ≫ Catalyst 3650-48fqm-e Version-
   Cisco ≫ Catalyst 3650-48fqm-l Version-
   Cisco ≫ Catalyst 3650-48fqm-s Version-
   Cisco ≫ Catalyst 3650-48fs-e Version-
   Cisco ≫ Catalyst 3650-48fs-l Version-
   Cisco ≫ Catalyst 3650-48fs-s Version-
   Cisco ≫ Catalyst 3650-48pd-e Version-
   Cisco ≫ Catalyst 3650-48pd-l Version-
   Cisco ≫ Catalyst 3650-48pd-s Version-
   Cisco ≫ Catalyst 3650-48pq-e Version-
   Cisco ≫ Catalyst 3650-48pq-l Version-
   Cisco ≫ Catalyst 3650-48pq-s Version-
   Cisco ≫ Catalyst 3650-48ps-e Version-
   Cisco ≫ Catalyst 3650-48ps-l Version-
   Cisco ≫ Catalyst 3650-48ps-s Version-
   Cisco ≫ Catalyst 3650-48td-e Version-
   Cisco ≫ Catalyst 3650-48td-l Version-
   Cisco ≫ Catalyst 3650-48td-s Version-
   Cisco ≫ Catalyst 3650-48tq-e Version-
   Cisco ≫ Catalyst 3650-48tq-l Version-
   Cisco ≫ Catalyst 3650-48tq-s Version-
   Cisco ≫ Catalyst 3650-48ts-e Version-
   Cisco ≫ Catalyst 3650-48ts-l Version-
   Cisco ≫ Catalyst 3650-48ts-s Version-
   Cisco ≫ Catalyst 3650-8x24uq-e Version-
   Cisco ≫ Catalyst 3650-8x24uq-l Version-
   Cisco ≫ Catalyst 3650-8x24uq-s Version-
   Cisco ≫ Catalyst 3850-12s-e Version-
   Cisco ≫ Catalyst 3850-12s-s Version-
   Cisco ≫ Catalyst 3850-12xs-e Version-
   Cisco ≫ Catalyst 3850-12xs-s Version-
   Cisco ≫ Catalyst 3850-16xs-e Version-
   Cisco ≫ Catalyst 3850-16xs-s Version-
   Cisco ≫ Catalyst 3850-24p-e Version-
   Cisco ≫ Catalyst 3850-24p-l Version-
   Cisco ≫ Catalyst 3850-24p-s Version-
   Cisco ≫ Catalyst 3850-24s-e Version-
   Cisco ≫ Catalyst 3850-24s-s Version-
   Cisco ≫ Catalyst 3850-24t-e Version-
   Cisco ≫ Catalyst 3850-24t-l Version-
   Cisco ≫ Catalyst 3850-24t-s Version-
   Cisco ≫ Catalyst 3850-24u-e Version-
   Cisco ≫ Catalyst 3850-24u-l Version-
   Cisco ≫ Catalyst 3850-24u-s Version-
   Cisco ≫ Catalyst 3850-24xs-e Version-
   Cisco ≫ Catalyst 3850-24xs-s Version-
   Cisco ≫ Catalyst 3850-24xu-e Version-
   Cisco ≫ Catalyst 3850-24xu-l Version-
   Cisco ≫ Catalyst 3850-24xu-s Version-
   Cisco ≫ Catalyst 3850-32xs-e Version-
   Cisco ≫ Catalyst 3850-32xs-s Version-
   Cisco ≫ Catalyst 3850-48f-e Version-
   Cisco ≫ Catalyst 3850-48f-l Version-
   Cisco ≫ Catalyst 3850-48f-s Version-
   Cisco ≫ Catalyst 3850-48p-e Version-
   Cisco ≫ Catalyst 3850-48p-l Version-
   Cisco ≫ Catalyst 3850-48p-s Version-
   Cisco ≫ Catalyst 3850-48t-e Version-
   Cisco ≫ Catalyst 3850-48t-l Version-
   Cisco ≫ Catalyst 3850-48t-s Version-
   Cisco ≫ Catalyst 3850-48u-e Version-
   Cisco ≫ Catalyst 3850-48u-l Version-
   Cisco ≫ Catalyst 3850-48u-s Version-
   Cisco ≫ Catalyst 3850-48xs-e Version-
   Cisco ≫ Catalyst 3850-48xs-f-e Version-
   Cisco ≫ Catalyst 3850-48xs-f-s Version-
   Cisco ≫ Catalyst 3850-48xs-s Version-
   Cisco ≫ Catalyst 9300 Version-
   Cisco ≫ Catalyst 9300-24p-a Version-
   Cisco ≫ Catalyst 9300-24p-e Version-
   Cisco ≫ Catalyst 9300-24t-a Version-
   Cisco ≫ Catalyst 9300-24t-e Version-
   Cisco ≫ Catalyst 9300-24u-a Version-
   Cisco ≫ Catalyst 9300-24u-e Version-
   Cisco ≫ Catalyst 9300-48p-a Version-
   Cisco ≫ Catalyst 9300-48p-e Version-
   Cisco ≫ Catalyst 9300-48t-a Version-
   Cisco ≫ Catalyst 9300-48t-e Version-
   Cisco ≫ Catalyst 9300-48u-a Version-
   Cisco ≫ Catalyst 9300-48u-e Version-
   Cisco ≫ Catalyst 9400 Supervisor Engine-1 Version-
   Cisco ≫ Catalyst 9407r Version-
   Cisco ≫ Catalyst 9410r Version-
   Cisco ≫ Catalyst 9500 Version-
   Cisco ≫ Catalyst C3850-12x48u-e Version-
   Cisco ≫ Catalyst C3850-12x48u-l Version-
   Cisco ≫ Catalyst C3850-12x48u-s Version-
   Cisco ≫ Catalyst C9500-12q-a Version-
   Cisco ≫ Catalyst C9500-12q-e Version-
   Cisco ≫ Catalyst C9500-24q-a Version-
   Cisco ≫ Catalyst C9500-24q-e Version-
   Cisco ≫ Catalyst C9500-40x-a Version-
   Cisco ≫ Catalyst C9500-40x-e Version-
   Cisco ≫ Cloud Services R 1000v Version-
   Cisco ≫ Ncs 4201 Version-
   Cisco ≫ Ncs 4202 Version-
   Cisco ≫ Ncs 4206 Version-
   Cisco ≫ Ncs 4216 Version-
   Cisco ≫ Network Convergence System 520 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.03%	0.767

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C
psirt@cisco.com	8.6	3.9	4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-fsdos

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-12658

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-12658

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-12658

EUVD