CVE-2019-1752 Information

Description

A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931 information elements. An attacker could exploit this vulnerability by calling the affected device with specific Q.931 information elements being present. An exploit could allow the attacker to cause the device to reload resulting in a denial of service (DoS) condition on an affected device.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

http://www.securityfocus.com/bid/107589 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-isdn

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5