Vulnerability Details CVE-2019-12659
A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. The vulnerability is due to a logical error in the logging mechanism. An attacker could exploit this vulnerability by generating a high amount of long-lived connections to the HTTP service on the device. A successful exploit could allow the attacker to cause the HTTP server to crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.9%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2019-12659
-
cpe:2.3:h:cisco:cbr-8_converged_broadband_router:-
-
cpe:2.3:o:cisco:ios_xe:16.10.1