CVE-2019-1760
Cisco IOS XE Software Performance Routing Version 3 Denial of Service Vulnerability
Severity Score
5.9
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A vulnerability in Performance Routing Version 3 (PfRv3) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets. An attacker could exploit this vulnerability by sending specially crafted smart probe packets at the affected device. A successful exploit could allow the attacker to reload the device, resulting in a denial of service (DoS) attack on an affected system.
Una vulnerabilidad en Performance Routing Version 3 (PfRv3) del software Cisco IOS XE podría permitir que un atacante remoto no autenticado provoque que el dispositivo afectado se recargue. Esta vulnerabilidad se debe a un procesamiento incorrecto de paquetes "smart probe" mal formados. Un atacante podría explotar esta vulnerabilidad enviando paquetes "smart probe" especialmente manipulados al dispositivo afectado. Su explotación con éxito podría permitir que el atacante recargue el dispositivo, provocando una denegación de servicio (DoS) en un sistema afectado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-03-28 CVE Published
- 2024-08-17 EPSS Updated
- 2024-11-21 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/107611 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-pfrv3 | 2019-10-09 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.2.0ja Search vendor "Cisco" for product "Ios Xe" and version "3.2.0ja" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4as Search vendor "Cisco" for product "Ios Xe" and version "3.16.4as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4bs Search vendor "Cisco" for product "Ios Xe" and version "3.16.4bs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4cs Search vendor "Cisco" for product "Ios Xe" and version "3.16.4cs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4ds Search vendor "Cisco" for product "Ios Xe" and version "3.16.4ds" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4es Search vendor "Cisco" for product "Ios Xe" and version "3.16.4es" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4gs Search vendor "Cisco" for product "Ios Xe" and version "3.16.4gs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4s Search vendor "Cisco" for product "Ios Xe" and version "3.16.4s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.5as Search vendor "Cisco" for product "Ios Xe" and version "3.16.5as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.5bs Search vendor "Cisco" for product "Ios Xe" and version "3.16.5bs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.5s Search vendor "Cisco" for product "Ios Xe" and version "3.16.5s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.6bs Search vendor "Cisco" for product "Ios Xe" and version "3.16.6bs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.6s Search vendor "Cisco" for product "Ios Xe" and version "3.16.6s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.7as Search vendor "Cisco" for product "Ios Xe" and version "3.16.7as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.7bs Search vendor "Cisco" for product "Ios Xe" and version "3.16.7bs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.7s Search vendor "Cisco" for product "Ios Xe" and version "3.16.7s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.2 Search vendor "Cisco" for product "Ios Xe" and version "16.3.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.3 Search vendor "Cisco" for product "Ios Xe" and version "16.3.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.4 Search vendor "Cisco" for product "Ios Xe" and version "16.3.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.5 Search vendor "Cisco" for product "Ios Xe" and version "16.3.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.5b Search vendor "Cisco" for product "Ios Xe" and version "16.3.5b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.6 Search vendor "Cisco" for product "Ios Xe" and version "16.3.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.4.1 Search vendor "Cisco" for product "Ios Xe" and version "16.4.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.4.2 Search vendor "Cisco" for product "Ios Xe" and version "16.4.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.4.3 Search vendor "Cisco" for product "Ios Xe" and version "16.4.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1 Search vendor "Cisco" for product "Ios Xe" and version "16.5.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1a Search vendor "Cisco" for product "Ios Xe" and version "16.5.1a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1b Search vendor "Cisco" for product "Ios Xe" and version "16.5.1b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.2 Search vendor "Cisco" for product "Ios Xe" and version "16.5.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.3 Search vendor "Cisco" for product "Ios Xe" and version "16.5.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.1 Search vendor "Cisco" for product "Ios Xe" and version "16.6.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.2 Search vendor "Cisco" for product "Ios Xe" and version "16.6.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.3 Search vendor "Cisco" for product "Ios Xe" and version "16.6.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.7.1 Search vendor "Cisco" for product "Ios Xe" and version "16.7.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.7.1a Search vendor "Cisco" for product "Ios Xe" and version "16.7.1a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.7.1b Search vendor "Cisco" for product "Ios Xe" and version "16.7.1b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.8.1 Search vendor "Cisco" for product "Ios Xe" and version "16.8.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.8.1a Search vendor "Cisco" for product "Ios Xe" and version "16.8.1a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.8.1b Search vendor "Cisco" for product "Ios Xe" and version "16.8.1b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.8.1c Search vendor "Cisco" for product "Ios Xe" and version "16.8.1c" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.8.1s Search vendor "Cisco" for product "Ios Xe" and version "16.8.1s" | - |
Affected
| ||||||