CVE-2019-12663 (GCVE-0-2019-12663)
Vulnerability from cvelistv5 – Published: 2019-09-25 20:15 – Updated: 2024-11-21 19:14
VLAI?
Summary
A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.
Severity ?
6.8 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Affected:
unspecified , < n/a
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190925 Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12663",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:56:59.042936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:14:06.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T20:15:34",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190925 Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos"
}
],
"source": {
"advisory": "cisco-sa-20190925-ctspac-dos",
"defect": [
[
"CSCvo79239"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-09-25T16:00:00-0700",
"ID": "CVE-2019-12663",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190925 Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190925-ctspac-dos",
"defect": [
[
"CSCvo79239"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12663",
"datePublished": "2019-09-25T20:15:34.281392Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-21T19:14:06.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65020120-491D-46CD-8C73-974B6F4C11E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C98DED36-D4B5-48D6-964E-EEEE97936700\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74AED057-2458-4DE0-8D51-ABD766D07F68\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19538C03-5FB8-4401-8B21-489C629D7E7D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B26D7061-F471-4DF0-A892-ED132958B84A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"033ED443-80E7-4012-9825-07AAC0D44B96\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD3F3CC6-A349-47B1-B282-B6458683C191\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB24EF21-1C10-48A7-BC68-FFC842A28D12\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED0625A2-BF14-4552-83D8-AEE0A04EA023\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21AFDC0D-7629-424E-827B-C8A8767324C3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A263CFF2-A659-405B-90EA-51E49B25C6D3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEFBD449-217D-4569-99F7-D56B853A3E07\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7ED668FC-D1A5-4175-A234-23760BA6E788\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D650C48-9241-42F7-87A9-20733329489A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3ED16A65-9AFF-4825-95D1-162FBA0F566D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82D345E7-8208-41AC-B11A-4425D29E98A1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E386D461-F1C1-4970-B056-D6119E74D449\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"99F3A466-F665-4132-ABC4-2DFC0A7E2B55\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3395168-FF2E-4CB6-AABE-5E36DEB241CA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"226F985C-4669-4D0A-9DB4-CB1465B37B02\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B736A43-6F4E-40A9-84E4-D9E251489234\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E99CA124-7D86-463B-A31E-A7836B7493E6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E014B028-8DD9-428C-B705-8F428F145932\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6C44229-A842-49B2-AD3E-79C83DB63EBE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C0441D-A7AC-4B4E-970A-3A441C2F66B0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5306E847-C718-4C83-9C97-8AB498DC4A88\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18287CEF-B574-4498-A256-567CA6E6CA7C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E9AAA2C-495E-4FD1-9050-264FDC25254B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5713043E-2535-4540-B3EF-41FAC40BECE9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67701D77-8B03-446A-AE22-4B8CCCD6F029\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"831A2390-7170-4FC0-A95E-3DAB1791017D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F788CBC4-782F-4A43-AC80-4AEF1C43A22D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"493989DC-8F1B-45C9-AD11-38B97B958C9C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-12q-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D09786E-BB71-4ECA-878A-2CD33EE2DFF2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-12q-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32A2AD4E-27B8-4022-90D5-34DA597B55E1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-16x-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F69531D5-09B2-407D-8361-2FD7C93FF841\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-16x-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB3D5CED-76D9-4A9C-8FD2-34DDED24E714\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-24q-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC50F73C-5026-44E0-AE29-E8AD3A112FC6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-24q-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24FF0D66-D25B-4240-883D-8B02B17DB1A8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-40x-a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45233420-4380-4D64-B46D-D400A7224CA5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-40x-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7925AF68-4E36-4281-A710-070DD4BEDA8B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:cbr-8_converged_broadband_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6CCBE67-E509-43EC-9AFB-8A9B6A115126\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el m\\u00f3dulo de aprovisionamiento Cisco TrustSec (CTS) Protected Access Credential (PAC) del software Cisco IOS XE, podr\\u00eda permitir a un atacante remoto no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\\u00f3n de denegaci\\u00f3n de servicio (DoS). La vulnerabilidad es debido a la comprobaci\\u00f3n inapropiada de atributos en los mensajes RADIUS. Un atacante podr\\u00eda explotar esta vulnerabilidad mediante el env\\u00edo de un mensaje RADIUS malicioso hacia un dispositivo afectado mientras el dispositivo se encuentra en un estado espec\\u00edfico.\"}]",
"id": "CVE-2019-12663",
"lastModified": "2024-11-21T04:23:18.320",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.0}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 4.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-09-25T21:15:11.267",
"references": "[{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-12663\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2019-09-25T21:15:11.267\",\"lastModified\":\"2024-11-21T04:23:18.320\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el m\u00f3dulo de aprovisionamiento Cisco TrustSec (CTS) Protected Access Credential (PAC) del software Cisco IOS XE, podr\u00eda permitir a un atacante remoto no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a la comprobaci\u00f3n inapropiada de atributos en los mensajes RADIUS. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje RADIUS malicioso hacia un dispositivo afectado mientras el dispositivo se encuentra en un estado espec\u00edfico.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}],\"cvssMetricV30\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65020120-491D-46CD-8C73-974B6F4C11E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C98DED36-D4B5-48D6-964E-EEEE97936700\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74AED057-2458-4DE0-8D51-ABD766D07F68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19538C03-5FB8-4401-8B21-489C629D7E7D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B26D7061-F471-4DF0-A892-ED132958B84A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"033ED443-80E7-4012-9825-07AAC0D44B96\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD3F3CC6-A349-47B1-B282-B6458683C191\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB24EF21-1C10-48A7-BC68-FFC842A28D12\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED0625A2-BF14-4552-83D8-AEE0A04EA023\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21AFDC0D-7629-424E-827B-C8A8767324C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A263CFF2-A659-405B-90EA-51E49B25C6D3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEFBD449-217D-4569-99F7-D56B853A3E07\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ED668FC-D1A5-4175-A234-23760BA6E788\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D650C48-9241-42F7-87A9-20733329489A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ED16A65-9AFF-4825-95D1-162FBA0F566D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82D345E7-8208-41AC-B11A-4425D29E98A1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E386D461-F1C1-4970-B056-D6119E74D449\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99F3A466-F665-4132-ABC4-2DFC0A7E2B55\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3395168-FF2E-4CB6-AABE-5E36DEB241CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"226F985C-4669-4D0A-9DB4-CB1465B37B02\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B736A43-6F4E-40A9-84E4-D9E251489234\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E99CA124-7D86-463B-A31E-A7836B7493E6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E014B028-8DD9-428C-B705-8F428F145932\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6C44229-A842-49B2-AD3E-79C83DB63EBE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C0441D-A7AC-4B4E-970A-3A441C2F66B0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5306E847-C718-4C83-9C97-8AB498DC4A88\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18287CEF-B574-4498-A256-567CA6E6CA7C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E9AAA2C-495E-4FD1-9050-264FDC25254B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5713043E-2535-4540-B3EF-41FAC40BECE9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67701D77-8B03-446A-AE22-4B8CCCD6F029\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"831A2390-7170-4FC0-A95E-3DAB1791017D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F788CBC4-782F-4A43-AC80-4AEF1C43A22D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"493989DC-8F1B-45C9-AD11-38B97B958C9C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-12q-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D09786E-BB71-4ECA-878A-2CD33EE2DFF2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-12q-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32A2AD4E-27B8-4022-90D5-34DA597B55E1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-16x-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F69531D5-09B2-407D-8361-2FD7C93FF841\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-16x-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB3D5CED-76D9-4A9C-8FD2-34DDED24E714\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-24q-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC50F73C-5026-44E0-AE29-E8AD3A112FC6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-24q-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24FF0D66-D25B-4240-883D-8B02B17DB1A8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-40x-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45233420-4380-4D64-B46D-D400A7224CA5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-40x-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7925AF68-4E36-4281-A710-070DD4BEDA8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:cbr-8_converged_broadband_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6CCBE67-E509-43EC-9AFB-8A9B6A115126\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos\", \"name\": \"20190925 Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T23:24:39.254Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-12663\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-21T18:56:59.042936Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-21T18:58:21.235Z\"}}], \"cna\": {\"title\": \"Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability\", \"source\": {\"defect\": [[\"CSCvo79239\"]], \"advisory\": \"cisco-sa-20190925-ctspac-dos\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 6.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XE Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"n/a\", \"versionType\": \"custom\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2019-09-25T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos\", \"name\": \"20190925 Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2019-09-25T20:15:34\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"6.8\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H\"}}, \"source\": {\"defect\": [[\"CSCvo79239\"]], \"advisory\": \"cisco-sa-20190925-ctspac-dos\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"affected\": \"\u003c\", \"version_value\": \"n/a\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Cisco IOS XE Software\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos\", \"name\": \"20190925 Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-12663\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2019-09-25T16:00:00-0700\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2019-12663\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-21T19:14:06.577Z\", \"dateReserved\": \"2019-06-04T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2019-09-25T20:15:34.281392Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…