PT-2019-3333 · Cisco · Cisco Ios Xe+2

Publicado

2019-09-25

Atualizado

2020-10-08

CVE-2019-12669

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software (affected versions not specified)

Description A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of a malformed packet. An attacker could exploit this vulnerability by sending a malformed packet to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

Recommendations Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2019-03440

CVE-2019-12669

Produtos afetados

Cisco Ios Xe

Cisco Ios

Cisco Trustsec

PT-2019-3333 · Cisco · Cisco Ios Xe+2

CVE-2019-12669

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4