CVE-2019-1752

HIGH

Cisco IOS - Unauthenticated Denial of Service via ISDN Q.931 Information Elements

Title source: llm
STIX 2.1

Description

A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931 information elements. An attacker could exploit this vulnerability by calling the affected device with specific Q.931 information elements being present. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/107589

Scores

CVSS v3 7.5
EPSS 0.0252
EPSS Percentile 82.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (50)
cisco/ios 15.0\(1\)m
cisco/ios 15.0\(1\)m1
cisco/ios 15.0\(1\)m2
cisco/ios 15.0\(1\)m3
cisco/ios 15.0\(1\)m4
cisco/ios 15.0\(1\)m5
cisco/ios 15.0\(1\)m6
cisco/ios 15.0\(1\)m6a
cisco/ios 15.0\(1\)m7
cisco/ios 15.0\(1\)m8
... and 40 more
Published Mar 28, 2019
Tracked Since Feb 18, 2026