CVE-2019-12658Uncontrolled Resource Consumption in Cisco IOS XE Software 16.1.1

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
7.5HIGHNVD
EPSS
1.0%
top 22.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOS XE Software 16.1.1Cisco IOS XE
Timeline
PublishedSep 25
Latest updateMay 24

Description

A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to ineffective management of the underlying filesystem resources. An attacker could exploit this vulnerability by performing specific actions that result in messages being sent to specific operating system log files. A successful exploit coul

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5cisco/cisco_ios_xe_software_16.1.1unspecifiedn/a
NVDcisco/ios_xe16.6.1, 16.8.1+1

🔴Vulnerability Details

2
GHSA
GHSA-5p8p-jgmg-27h6: A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesys2022-05-24
CVEList
Cisco IOS XE Software Filesystem Exhaustion Denial of Service Vulnerability2019-09-25

📋Vendor Advisories

1
Cisco
Cisco IOS XE Software Filesystem Exhaustion Denial of Service Vulnerability2019-09-25
CVE-2019-12658 — Uncontrolled Resource Consumption | cvebase