Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-1849

A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.3%
CVSS Severity
CVSS v3 Score 7.4
CVSS v2 Score 6.1
Products affected by CVE-2019-1849
  • Cisco » Ios Xr » Version: 6.1.0
    cpe:2.3:o:cisco:ios_xr:6.1.0
  • Cisco » Ios Xr » Version: 6.1.1
    cpe:2.3:o:cisco:ios_xr:6.1.1
  • Cisco » Ios Xr » Version: 6.1.2
    cpe:2.3:o:cisco:ios_xr:6.1.2
  • Cisco » Ios Xr » Version: 6.1.3
    cpe:2.3:o:cisco:ios_xr:6.1.3
  • Cisco » Ios Xr » Version: 6.1.3.01
    cpe:2.3:o:cisco:ios_xr:6.1.3.01
  • Cisco » Ios Xr » Version: 6.1.4
    cpe:2.3:o:cisco:ios_xr:6.1.4
  • Cisco » Ios Xr » Version: 6.1.4.base
    cpe:2.3:o:cisco:ios_xr:6.1.4.base
  • Cisco » Ios Xr » Version: 6.2.0
    cpe:2.3:o:cisco:ios_xr:6.2.0
  • Cisco » Ios Xr » Version: 6.2.1
    cpe:2.3:o:cisco:ios_xr:6.2.1
  • Cisco » Ios Xr » Version: 6.2.2
    cpe:2.3:o:cisco:ios_xr:6.2.2
  • Cisco » Ios Xr » Version: 6.2.25
    cpe:2.3:o:cisco:ios_xr:6.2.25
  • Cisco » Ios Xr » Version: 6.2.3
    cpe:2.3:o:cisco:ios_xr:6.2.3
  • Cisco » Ios Xr » Version: 6.2.3.base
    cpe:2.3:o:cisco:ios_xr:6.2.3.base
  • Cisco » Ios Xr » Version: 6.3.1
    cpe:2.3:o:cisco:ios_xr:6.3.1
  • Cisco » Ios Xr » Version: 6.3.2
    cpe:2.3:o:cisco:ios_xr:6.3.2
  • Cisco » Ios Xr » Version: 6.4.0
    cpe:2.3:o:cisco:ios_xr:6.4.0
  • Cisco » Ios Xr » Version: 6.4.1
    cpe:2.3:o:cisco:ios_xr:6.4.1
  • Cisco » Ios Xr » Version: 6.4.1_base
    cpe:2.3:o:cisco:ios_xr:6.4.1_base
  • Cisco » Ios Xr » Version: 6.5.0
    cpe:2.3:o:cisco:ios_xr:6.5.0
  • Cisco » Ios Xr » Version: 6.5.1
    cpe:2.3:o:cisco:ios_xr:6.5.1
  • Cisco » Ios Xr » Version: 6.6.0
    cpe:2.3:o:cisco:ios_xr:6.6.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved