CVE-2019-1739

HIGH

Cisco IOS - Unauthenticated Denial of Service via NBAR DNS Packet Parsing


Description

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a parsing issue on DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through routers that are running an affected version and have NBAR enabled. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

References (2)

Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/107597

Scores

CVSS v3 7.5
EPSS 0.0252
EPSS Percentile 82.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (50)
cisco/ios 15.1\(2\)sg8a
cisco/ios 15.1\(3\)svg3d
cisco/ios 15.1\(3\)svi1b
cisco/ios 15.1\(3\)svk4b
cisco/ios 15.1\(3\)svk4c
cisco/ios 15.1\(3\)svm3
cisco/ios 15.1\(3\)svn2
cisco/ios 15.1\(3\)svo1
cisco/ios 15.1\(3\)svo2
cisco/ios 15.1\(3\)svo3
... and 40 more
Published Mar 28, 2019
Tracked Since Feb 18, 2026