CVE-2019-12656 – Cisco IOx Application Environment Denial of Service Vulnerability

https://notcve.org/view.php?id=CVE-2019-12656

A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. The vulnerability is due to a Transport Layer Security (TLS) implementation issue. An attacker could exploit this vulnerability by sending crafted TLS packets to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a DoS condition. Una vulnerabilidad en el entorno de la aplicación IOx de múltiples plataformas Cisco, podría permitir a un atacante remoto no autenticado causar que el servidor web IOx detenga el procesamiento de peticiones HTTPS, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iox • CWE-20: Improper Input Validation •