Executive Summary

Informations
Name CVE-2019-1849 First vendor Publication 2019-05-15
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 6.5
Base Score 6.5 Environmental Score 6.5
impact SubScore 3.6 Temporal Score 6.5
Exploitabality Sub Score 2.8
 
Attack Vector Adjacent Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 6.1 Attack Range Adjacent network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 6.5 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1849

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-754 Improper Check for Unusual or Exceptional Conditions

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware 1
Os 219

Sources (Detail)

http://www.securityfocus.com/bid/108342
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Date Informations
2024-11-28 13:29:22
  • Multiple Updates
2024-10-08 02:00:54
  • Multiple Updates
2024-10-03 12:59:27
  • Multiple Updates
2024-07-26 01:57:37
  • Multiple Updates
2023-09-20 01:53:00
  • Multiple Updates
2022-05-05 01:42:42
  • Multiple Updates
2021-11-06 12:38:19
  • Multiple Updates
2021-05-04 13:29:40
  • Multiple Updates
2021-04-22 02:43:55
  • Multiple Updates
2020-09-10 01:25:08
  • Multiple Updates
2020-05-24 01:28:41
  • Multiple Updates
2020-05-23 02:27:05
  • Multiple Updates
2019-10-10 05:21:03
  • Multiple Updates
2019-05-17 21:19:36
  • Multiple Updates
2019-05-16 21:19:34
  • Multiple Updates
2019-05-16 09:19:17
  • First insertion