CVE-2019-1739
HIGH
Cisco IOS - Unauthenticated Denial of Service via NBAR DNS Packet Parsing
Title source: llm
Description
A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a parsing issue on DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through routers that are running an affected version and have NBAR enabled. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.
References (2)
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nbar
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107597
Scores
CVSS v3: 7.5
EPSS: 0.0252
EPSS Percentile: 82.9%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE: CWE-20
Status: published
Products (50)
cisco/ios 15.1\(2\)sg8a
cisco/ios 15.1\(3\)svg3d
cisco/ios 15.1\(3\)svi1b
cisco/ios 15.1\(3\)svk4b
cisco/ios 15.1\(3\)svk4c
cisco/ios 15.1\(3\)svm3
cisco/ios 15.1\(3\)svn2
cisco/ios 15.1\(3\)svo1
cisco/ios 15.1\(3\)svo2
cisco/ios 15.1\(3\)svo3
... and 40 more
Published: Mar 28, 2019
Tracked Since: Feb 18, 2026