CVE-2019-12663

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software (affected versions not specified)

Description A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The issue is due to improper validation of attributes in RADIUS messages. An attacker could exploit this by sending a malicious RADIUS message to an affected device while it is in a specific state.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.