CVE-2019-1740

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 28-03-2019 01:29

Last modified: - 18-03-2022 08:40

Total changes: - 2

Description

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability are due to a parsing issue on DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through routers that are running an affected version and have NBAR enabled. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Low

Attack complexity

Network

Attack vector

High

Availability

None

Confidentiality

None

Integrity

None

Privileges required

Changed

Scope

None

User interaction

8.6

Base score

3.9

4.0

Exploitability score

Impact score

Verification logic

vendor=cisco AND product=ios_xe AND version=3.2.0ja

vendor=cisco AND product=ios_xe AND version=3.16.0as

vendor=cisco AND product=ios_xe AND version=3.16.0bs

vendor=cisco AND product=ios_xe AND version=3.16.0cs

vendor=cisco AND product=ios_xe AND version=3.16.0s

vendor=cisco AND product=ios_xe AND version=3.16.1as

vendor=cisco AND product=ios_xe AND version=3.16.1s

vendor=cisco AND product=ios_xe AND version=3.16.2as

vendor=cisco AND product=ios_xe AND version=3.16.2bs

vendor=cisco AND product=ios_xe AND version=3.16.2s

vendor=cisco AND product=ios_xe AND version=3.16.3as

vendor=cisco AND product=ios_xe AND version=3.16.3s

vendor=cisco AND product=ios_xe AND version=3.16.4as

vendor=cisco AND product=ios_xe AND version=3.16.4bs

vendor=cisco AND product=ios_xe AND version=3.16.4cs

vendor=cisco AND product=ios_xe AND version=3.16.4ds

vendor=cisco AND product=ios_xe AND version=3.16.4es

vendor=cisco AND product=ios_xe AND version=3.16.4gs

vendor=cisco AND product=ios_xe AND version=3.16.4s

vendor=cisco AND product=ios_xe AND version=3.16.5as

vendor=cisco AND product=ios_xe AND version=3.16.5s

vendor=cisco AND product=ios_xe AND version=3.17.0s

vendor=cisco AND product=ios_xe AND version=3.17.1as

vendor=cisco AND product=ios_xe AND version=3.17.1s

vendor=cisco AND product=ios_xe AND version=3.17.2s

vendor=cisco AND product=ios_xe AND version=3.17.3s

vendor=cisco AND product=ios_xe AND version=3.17.4s

vendor=cisco AND product=ios_xe AND version=3.18.0as

vendor=cisco AND product=ios_xe AND version=3.18.0s

vendor=cisco AND product=ios_xe AND version=3.18.0sp

vendor=cisco AND product=ios_xe AND version=3.18.1asp

vendor=cisco AND product=ios_xe AND version=3.18.1bsp

vendor=cisco AND product=ios_xe AND version=3.18.1csp

vendor=cisco AND product=ios_xe AND version=3.18.1gsp

vendor=cisco AND product=ios_xe AND version=3.18.1hsp

vendor=cisco AND product=ios_xe AND version=3.18.1isp

vendor=cisco AND product=ios_xe AND version=3.18.1s

vendor=cisco AND product=ios_xe AND version=3.18.1sp

vendor=cisco AND product=ios_xe AND version=3.18.2asp

vendor=cisco AND product=ios_xe AND version=3.18.2s

vendor=cisco AND product=ios_xe AND version=3.18.2sp

vendor=cisco AND product=ios_xe AND version=3.18.3s

vendor=cisco AND product=ios_xe AND version=3.18.4s

vendor=cisco AND product=ios_xe AND version=16.2.1

vendor=cisco AND product=ios_xe AND version=16.2.2

vendor=cisco AND product=ios_xe AND version=16.3.1

vendor=cisco AND product=ios_xe AND version=16.3.1a

vendor=cisco AND product=ios_xe AND version=16.3.2

vendor=cisco AND product=ios_xe AND version=16.3.3

vendor=cisco AND product=ios_xe AND version=16.3.4

vendor=cisco AND product=ios_xe AND version=16.4.1

vendor=cisco AND product=ios_xe AND version=16.4.2

vendor=cisco AND product=ios_xe AND version=16.4.3

vendor=cisco AND product=ios_xe AND version=16.5.1

vendor=cisco AND product=ios_xe AND version=16.5.1a

vendor=cisco AND product=ios_xe AND version=16.5.1b

vendor=cisco AND product=ios_xe AND version=16.9.3s

vendor=cisco AND product=ios_xe AND version=16.9.4c

vendor=cisco AND product=ios AND version=15.3\(3\)jd

vendor=cisco AND product=ios AND version=15.3\(3\)jd2

vendor=cisco AND product=ios AND version=15.3\(3\)jd3

vendor=cisco AND product=ios AND version=15.3\(3\)jd4

vendor=cisco AND product=ios AND version=15.3\(3\)jd5

vendor=cisco AND product=ios AND version=15.3\(3\)jd6

vendor=cisco AND product=ios AND version=15.3\(3\)jd7

vendor=cisco AND product=ios AND version=15.3\(3\)jd8

vendor=cisco AND product=ios AND version=15.3\(3\)jd9

vendor=cisco AND product=ios AND version=15.3\(3\)jd11

vendor=cisco AND product=ios AND version=15.3\(3\)jd12

vendor=cisco AND product=ios AND version=15.3\(3\)jd13

vendor=cisco AND product=ios AND version=15.3\(3\)jd14

vendor=cisco AND product=ios AND version=15.3\(3\)je

vendor=cisco AND product=ios AND version=15.3\(3\)jf

vendor=cisco AND product=ios AND version=15.3\(3\)jf1

vendor=cisco AND product=ios AND version=15.3\(3\)jf2

vendor=cisco AND product=ios AND version=15.3\(3\)jf4

vendor=cisco AND product=ios AND version=15.3\(3\)jf5

vendor=cisco AND product=ios AND version=15.3\(3\)jg

vendor=cisco AND product=ios AND version=15.3\(3\)jg1

vendor=cisco AND product=ios AND version=15.3\(3\)jh

vendor=cisco AND product=ios AND version=15.3\(3\)jk6

vendor=cisco AND product=ios AND version=15.3\(3\)jnp

vendor=cisco AND product=ios AND version=15.3\(3\)jnp1

vendor=cisco AND product=ios AND version=15.3\(3\)jnp3

vendor=cisco AND product=ios AND version=15.3\(3\)jpb

vendor=cisco AND product=ios AND version=15.3\(3\)jpb1

vendor=cisco AND product=ios AND version=15.3\(3\)jpc

vendor=cisco AND product=ios AND version=15.3\(3\)jpc1

vendor=cisco AND product=ios AND version=15.3\(3\)jpc2

vendor=cisco AND product=ios AND version=15.3\(3\)jpc3

vendor=cisco AND product=ios AND version=15.3\(3\)jpc5

vendor=cisco AND product=ios AND version=15.3\(3\)jpd

vendor=cisco AND product=ios AND version=15.5\(3\)m

vendor=cisco AND product=ios AND version=15.5\(3\)m0a

vendor=cisco AND product=ios AND version=15.5\(3\)m1

vendor=cisco AND product=ios AND version=15.5\(3\)m2

vendor=cisco AND product=ios AND version=15.5\(3\)m2a

vendor=cisco AND product=ios AND version=15.5\(3\)m3

vendor=cisco AND product=ios AND version=15.5\(3\)m4

vendor=cisco AND product=ios AND version=15.5\(3\)m4a

vendor=cisco AND product=ios AND version=15.5\(3\)m4b

vendor=cisco AND product=ios AND version=15.5\(3\)m4c

vendor=cisco AND product=ios AND version=15.5\(3\)m5

vendor=cisco AND product=ios AND version=15.5\(3\)s

vendor=cisco AND product=ios AND version=15.5\(3\)s0a

vendor=cisco AND product=ios AND version=15.5\(3\)s1

vendor=cisco AND product=ios AND version=15.5\(3\)s1a

vendor=cisco AND product=ios AND version=15.5\(3\)s2

vendor=cisco AND product=ios AND version=15.5\(3\)s3

vendor=cisco AND product=ios AND version=15.5\(3\)s4

vendor=cisco AND product=ios AND version=15.5\(3\)s5

vendor=cisco AND product=ios AND version=15.5\(3\)sn

vendor=cisco AND product=ios AND version=15.5\(3\)sn0a

vendor=cisco AND product=ios AND version=15.6\(1\)s

vendor=cisco AND product=ios AND version=15.6\(1\)s1

vendor=cisco AND product=ios AND version=15.6\(1\)s2

vendor=cisco AND product=ios AND version=15.6\(1\)s3

vendor=cisco AND product=ios AND version=15.6\(1\)s4

vendor=cisco AND product=ios AND version=15.6\(1\)sn

vendor=cisco AND product=ios AND version=15.6\(1\)sn1

vendor=cisco AND product=ios AND version=15.6\(1\)sn2

vendor=cisco AND product=ios AND version=15.6\(1\)sn3

vendor=cisco AND product=ios AND version=15.6\(1\)t

vendor=cisco AND product=ios AND version=15.6\(1\)t0a

vendor=cisco AND product=ios AND version=15.6\(1\)t1

vendor=cisco AND product=ios AND version=15.6\(1\)t2

vendor=cisco AND product=ios AND version=15.6\(2\)s

vendor=cisco AND product=ios AND version=15.6\(2\)s1

vendor=cisco AND product=ios AND version=15.6\(2\)s2

vendor=cisco AND product=ios AND version=15.6\(2\)s3

vendor=cisco AND product=ios AND version=15.6\(2\)s4

vendor=cisco AND product=ios AND version=15.6\(2\)sn

vendor=cisco AND product=ios AND version=15.6\(2\)t

vendor=cisco AND product=ios AND version=15.6\(2\)t0a

vendor=cisco AND product=ios AND version=15.6\(2\)t1

vendor=cisco AND product=ios AND version=15.6\(2\)t2

vendor=cisco AND product=ios AND version=15.6\(3\)m

vendor=cisco AND product=ios AND version=15.6\(3\)m0a

vendor=cisco AND product=ios AND version=15.6\(3\)m1

vendor=cisco AND product=ios AND version=15.6\(3\)m1a

vendor=cisco AND product=ios AND version=15.6\(3\)m1b

vendor=cisco AND product=ios AND version=15.6\(3\)sn

vendor=cisco AND product=ios AND version=15.6\(4\)sn

vendor=cisco AND product=ios AND version=15.6\(5\)sn

vendor=cisco AND product=ios AND version=15.6\(6\)sn

vendor=cisco AND product=ios AND version=15.6\(7\)sn

vendor=cisco AND product=ios AND version=15.6\(7\)sn1

vendor=cisco AND product=ios AND version=15.6\(7\)sn2

vendor=cisco AND product=ios AND version=15.6\(7\)sn3

Reference

20190327 Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities-Patch, Vendor Advisory
107597-Third Party Advisory, VDB Entry

Keywords

CVE-2019-1740

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2019-1740

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures