CVE-2019-1951

MEDIUM

Cisco SD-WAN Firmware < 19.1.0 - Unauthenticated Traffic Filter Bypass via Malicious TCP Packet

Title source: llm
STIX 2.1

Description

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a target device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitrary packet in the network.

References (1)

Core 1
Core References

Scores

CVSS v3 5.8
EPSS 0.0146
EPSS Percentile 70.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-20
Status published
Products (1)
cisco/sd-wan_firmware < 19.1.0
Published Aug 08, 2019
Tracked Since Feb 18, 2026