CVE-2019-12663

Published: Sep 25, 2019Modified: Nov 21, 2024

8.6

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 4.0

Source: NVD

Description

A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.

Affected (2)

Products: Cisco: Ios Xe

Cisco

1 product

Ios Xe

Configuration A

2 vulnerable · 48 platform

Vulnerable Software	Affected Versions
Cisco Ios Xe	Version 16.12.1
Cisco Ios Xe	Version 16.6.4

Running on/with	Platform Versions
Cisco Catalyst 9300 24p A	All versions
Cisco Catalyst 9300 24p E	All versions
Cisco Catalyst 9300 24s A	All versions
Cisco Catalyst 9300 24s E	All versions
Cisco Catalyst 9300 24t A	All versions
Cisco Catalyst 9300 24t E	All versions
Cisco Catalyst 9300 24u A	All versions
Cisco Catalyst 9300 24u E	All versions
Cisco Catalyst 9300 24ux A	All versions
Cisco Catalyst 9300 24ux E	All versions
Cisco Catalyst 9300 48p A	All versions
Cisco Catalyst 9300 48p E	All versions
Cisco Catalyst 9300 48s A	All versions
Cisco Catalyst 9300 48s E	All versions
Cisco Catalyst 9300 48t A	All versions
Cisco Catalyst 9300 48t E	All versions
Cisco Catalyst 9300 48u A	All versions
Cisco Catalyst 9300 48u E	All versions
Cisco Catalyst 9300 48un A	All versions
Cisco Catalyst 9300 48un E	All versions
Cisco Catalyst 9300 48uxm A	All versions
Cisco Catalyst 9300 48uxm E	All versions
Cisco Catalyst 9300l 24p 4g A	All versions
Cisco Catalyst 9300l 24p 4g E	All versions
Cisco Catalyst 9300l 24p 4x A	All versions
Cisco Catalyst 9300l 24p 4x E	All versions
Cisco Catalyst 9300l 24t 4g A	All versions
Cisco Catalyst 9300l 24t 4g E	All versions
Cisco Catalyst 9300l 24t 4x A	All versions
Cisco Catalyst 9300l 24t 4x E	All versions
Cisco Catalyst 9300l 48p 4g A	All versions
Cisco Catalyst 9300l 48p 4g E	All versions
Cisco Catalyst 9300l 48p 4x A	All versions
Cisco Catalyst 9300l 48p 4x E	All versions
Cisco Catalyst 9300l 48t 4g A	All versions
Cisco Catalyst 9300l 48t 4g E	All versions
Cisco Catalyst 9300l 48t 4x A	All versions
Cisco Catalyst 9300l 48t 4x E	All versions
Cisco Catalyst 9300l Stack	All versions
Cisco Catalyst C9500 12q A	All versions
Cisco Catalyst C9500 12q E	All versions
Cisco Catalyst C9500 16x A	All versions
Cisco Catalyst C9500 16x E	All versions
Cisco Catalyst C9500 24q A	All versions
Cisco Catalyst C9500 24q E	All versions
Cisco Catalyst C9500 40x A	All versions
Cisco Catalyst C9500 40x E	All versions
Cisco Cbr 8 Converged Broadband Router	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos

Source: psirt@cisco.com

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.