1. Home
  2. CVE Database
  3. CVE-2019-12663
HIGH · 8.6

CVE-2019-12663

A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affec...

Vulnerability Description

A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.

CVSS Score

8.6

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
CiscoIos Xe16.6.4
CiscoCatalyst 9300-24P-A-
CiscoCatalyst 9300-24P-E-
CiscoCatalyst 9300-24S-A-
CiscoCatalyst 9300-24S-E-
CiscoCatalyst 9300-24T-A-
CiscoCatalyst 9300-24T-E-
CiscoCatalyst 9300-24U-A-
CiscoCatalyst 9300-24U-E-
CiscoCatalyst 9300-24Ux-A-
CiscoCatalyst 9300-24Ux-E-
CiscoCatalyst 9300-48P-A-
CiscoCatalyst 9300-48P-E-
CiscoCatalyst 9300-48S-A-
CiscoCatalyst 9300-48S-E-
CiscoCatalyst 9300-48T-A-
CiscoCatalyst 9300-48T-E-
CiscoCatalyst 9300-48U-A-
CiscoCatalyst 9300-48U-E-
CiscoCatalyst 9300-48Un-A-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2019-12663?

CVE-2019-12663 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affec...

How severe is CVE-2019-12663?

CVE-2019-12663 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-12663?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xe, Cisco Catalyst 9300-24P-A, Cisco Catalyst 9300-24P-E, Cisco Catalyst 9300-24S-A, Cisco Catalyst 9300-24S-E.