vulnerability

Cisco IOS-XR: CVE-2019-16027: Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:N/A:P)	Jan 22, 2020	May 19, 2021	Mar 3, 2023

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:P)

Published

Jan 22, 2020

Added

May 19, 2021

Modified

Mar 3, 2023

Description

A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS–IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS–IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS–IS process.

Solution

update-xros

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today