PT-2019-3324 · Cisco · Cisco Iox+1

Published

2019-09-25

Updated

2020-10-08

CVE-2019-12656

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco IOx (affected versions not specified)

Description The issue is due to a Transport Layer Security (TLS) implementation problem, which can be exploited by sending specially crafted TLS packets to the IOx web server, resulting in a denial of service (DoS) condition. This allows an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2019-03431

CVE-2019-12656

Affected Products

Cisco Iox

Cisco Ios

PT-2019-3324 · Cisco · Cisco Iox+1

CVE-2019-12656

Weakness Enumeration

Related Identifiers

Affected Products

References · 4