Vulnerability Description
A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to ineffective management of the underlying filesystem resources. An attacker could exploit this vulnerability by performing specific actions that result in messages being sent to specific operating system log files. A successful exploit could allow the attacker to exhaust available filesystem space on an affected device. This could cause the device to crash and reload, resulting in a DoS condition for clients whose network traffic is transiting the device. Upon reload of the device, the impacted filesystem space is cleared, and the device will return to normal operation. However, continued exploitation of this vulnerability could cause subsequent forced crashes and reloads, which could lead to an extended DoS condition.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | IOS XE | 16.6.1 |
| Cisco | 1100 Integrated Services R | - |
| Cisco | 4221 Integrated Services R | - |
| Cisco | 4321 Integrated Services R | - |
| Cisco | 4331 Integrated Services R | - |
| Cisco | 4351 Integrated Services R | - |
| Cisco | 4431 Integrated Services R | - |
| Cisco | 4451-X Integrated Services R | - |
| Cisco | ASR 1000 | - |
| Cisco | ASR 1001-HX R | - |
| Cisco | ASR 1001-X R | - |
| Cisco | ASR 1002-HX R | - |
| Cisco | ASR 1002-X R | - |
| Cisco | ASR 900 | - |
| Cisco | ASR 920-10SZ-PD R | - |
| Cisco | ASR 920-12CZ-A R | - |
| Cisco | ASR 920-12CZ-D R | - |
| Cisco | ASR 920-12SZ-IM R | - |
| Cisco | ASR 920-24SZ-IM R | - |
Related Weaknesses (CWE)
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2 (Vendor Advisory)
FAQ
What is CVE-2019-12658?
CVE-2019-12658 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a de...
How severe is CVE-2019-12658?
CVE-2019-12658 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2019-12658?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco IOS XE, Cisco 1100 Integrated Services R, Cisco 4221 Integrated Services R, Cisco 4321 Integrated Services R, Cisco 4331 Integrated Services R.