Strix
26.1K

CVE-2019-1740

HIGHCVSS 8.6/10EPSS 2.19%

Last modified

CVE-2019-1740 is a high-severity vulnerability rated 8.6/10 on the CVSS scale. A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability are due to a parsing issue on DNS packets. EPSS estimates a 2.19% chance of exploitation in the next 30 days.

Description

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability are due to a parsing issue on DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through routers that are running an affected version and have NBAR enabled. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Metrics

CVSS 3.1
8.6/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Probability
2.19%

80.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos Xe3.2.0ja
CiscoIos Xe3.16.0as
CiscoIos Xe3.16.0bs
CiscoIos Xe3.16.0cs
CiscoIos Xe3.16.0s
CiscoIos Xe3.16.1as
CiscoIos Xe3.16.1s
CiscoIos Xe3.16.2as
CiscoIos Xe3.16.2bs
CiscoIos Xe3.16.2s
CiscoIos Xe3.16.3as
CiscoIos Xe3.16.3s
CiscoIos Xe3.16.4as
CiscoIos Xe3.16.4bs
CiscoIos Xe3.16.4cs
CiscoIos Xe3.16.4ds
CiscoIos Xe3.16.4es
CiscoIos Xe3.16.4gs
CiscoIos Xe3.16.4s
CiscoIos Xe3.16.5as
CiscoIos Xe3.16.5s
CiscoIos Xe3.17.0s
CiscoIos Xe3.17.1as
CiscoIos Xe3.17.1s
CiscoIos Xe3.17.2s
CiscoIos Xe3.17.3s
CiscoIos Xe3.17.4s
CiscoIos Xe3.18.0as
CiscoIos Xe3.18.0s
CiscoIos Xe3.18.0sp
CiscoIos Xe3.18.1asp
CiscoIos Xe3.18.1bsp
CiscoIos Xe3.18.1csp
CiscoIos Xe3.18.1gsp
CiscoIos Xe3.18.1hsp
CiscoIos Xe3.18.1isp
CiscoIos Xe3.18.1s
CiscoIos Xe3.18.1sp
CiscoIos Xe3.18.2asp
CiscoIos Xe3.18.2s
CiscoIos Xe3.18.2sp
CiscoIos Xe3.18.3s
CiscoIos Xe3.18.4s
CiscoIos Xe16.2.1
CiscoIos Xe16.2.2
CiscoIos Xe16.3.1
CiscoIos Xe16.3.1a
CiscoIos Xe16.3.2
CiscoIos Xe16.3.3
CiscoIos Xe16.3.4

Showing 50 of 149 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-1740?
A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability are due to a parsing issue on DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through routers that are running an affected version and have NBAR enabled. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.
How severe is CVE-2019-1740?
CVE-2019-1740 has a CVSS score of 8.6/10 (HIGH severity). The EPSS model estimates a 2.19% probability of exploitation in the next 30 days.
How do I fix CVE-2019-1740?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-1740?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST