Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-12653

A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket Transport payloads. An attacker could exploit this vulnerability by establishing a TCP session and then sending a malicious TCP segment via IPv4 to an affected device. This cannot be exploited via IPv6, as the Raw Socket Transport feature does not support IPv6 as a network layer protocol.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.0%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 7.8
Products affected by CVE-2019-12653
  • Cisco » Asr 902 » Version: N/A
    cpe:2.3:h:cisco:asr_902:-
  • Cisco » Asr 902u » Version: N/A
    cpe:2.3:h:cisco:asr_902u:-
  • Cisco » Asr 903 » Version: N/A
    cpe:2.3:h:cisco:asr_903:-
  • Cisco » Asr 907 » Version: N/A
    cpe:2.3:h:cisco:asr_907:-
  • Cisco » Asr 914 » Version: N/A
    cpe:2.3:h:cisco:asr_914:-
  • Cisco » Ios Xe » Version: 16.10.1
    cpe:2.3:o:cisco:ios_xe:16.10.1
  • Cisco » Ios Xe » Version: 16.9
    cpe:2.3:o:cisco:ios_xe:16.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved