CVE-2019-1752
HIGHCisco IOS - Unauthenticated Denial of Service via ISDN Q.931 Information Elements
Title source: llmDescription
A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931 information elements. An attacker could exploit this vulnerability by calling the affected device with specific Q.931 information elements being present. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device.
References (2)
Core 2
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-isdn
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107589
Scores
CVSS v3
7.5
EPSS
0.0252
EPSS Percentile
82.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (50)
cisco/ios
15.0\(1\)m
cisco/ios
15.0\(1\)m1
cisco/ios
15.0\(1\)m2
cisco/ios
15.0\(1\)m3
cisco/ios
15.0\(1\)m4
cisco/ios
15.0\(1\)m5
cisco/ios
15.0\(1\)m6
cisco/ios
15.0\(1\)m6a
cisco/ios
15.0\(1\)m7
cisco/ios
15.0\(1\)m8
... and 40 more
Published
Mar 28, 2019
Tracked Since
Feb 18, 2026