Vulnerability Details CVE-2019-12656
A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. The vulnerability is due to a Transport Layer Security (TLS) implementation issue. An attacker could exploit this vulnerability by sending crafted TLS packets to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a DoS condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-12656
-
cpe:2.3:h:cisco:cgr_1000:-
-
cpe:2.3:h:cisco:ic3000:-
-
cpe:2.3:h:cisco:ie_2000-16ptc-g:-
-
cpe:2.3:h:cisco:ie_2000-16t67:-
-
cpe:2.3:h:cisco:ie_2000-16t67p:-
-
cpe:2.3:h:cisco:ie_2000-16tc-g-e:-
-
cpe:2.3:h:cisco:ie_2000-16tc-g-n:-
-
cpe:2.3:h:cisco:ie_2000-16tc-g-x:-
-
cpe:2.3:h:cisco:ie_2000-16tc-g:-
-
cpe:2.3:h:cisco:ie_2000-16tc:-
-
cpe:2.3:h:cisco:ie_2000-24t67:-
-
cpe:2.3:h:cisco:ie_2000-4s-ts-g:-
-
cpe:2.3:h:cisco:ie_2000-4t-g:-
-
cpe:2.3:h:cisco:ie_2000-4t:-
-
cpe:2.3:h:cisco:ie_2000-4ts-g:-
-
cpe:2.3:h:cisco:ie_2000-4ts:-
-
cpe:2.3:h:cisco:ie_2000-8t67:-
-
cpe:2.3:h:cisco:ie_2000-8t67p:-
-
cpe:2.3:h:cisco:ie_2000-8tc-g-e:-
-
cpe:2.3:h:cisco:ie_2000-8tc-g-n:-
-
cpe:2.3:h:cisco:ie_2000-8tc-g:-
-
cpe:2.3:h:cisco:ie_2000-8tc:-
-
cpe:2.3:h:cisco:ie_4000:-
-
cpe:2.3:h:cisco:ir510_wpan:-
-
cpe:2.3:o:cisco:cgr_1000_firmware:-
-
cpe:2.3:o:cisco:ic3000_firmware:-
-
cpe:2.3:o:cisco:ie_4000_firmware:-
-
cpe:2.3:o:cisco:industrial_ethernet_2000_series_firmware:15.2(6)e
-
cpe:2.3:o:cisco:ios:1.6.0.0
-
cpe:2.3:o:cisco:ios:1.8.0
-
cpe:2.3:o:cisco:ir510_wpan_firmware:-