Vulnerability Description
A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS–IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS–IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS–IS process.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xr | 4.3.2 |
| Cisco | Xr 12404 | - |
| Cisco | Xr 12406 | - |
| Cisco | Xr 12410 | - |
| Cisco | Xr 12416 | - |
| Cisco | Ncs 6000 | - |
| Cisco | Ncs 6008 | - |
| Cisco | Ncs 5001 | - |
| Cisco | Ncs 5002 | - |
| Cisco | Ncs 5011 | - |
| Cisco | Ncs 5500 | - |
| Cisco | Ncs 5501 | - |
| Cisco | Ncs 5502 | - |
| Cisco | Ncs 5508 | - |
| Cisco | Ncs 5516 | - |
| Cisco | Crs | - |
| Cisco | Xrv 9000 | - |
| Cisco | Ncs 540 | - |
| Cisco | Ncs 560 | - |
| Cisco | Asr 9000 | - |
Related Weaknesses (CWE)
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2019-16027?
CVE-2019-16027 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, ...
How severe is CVE-2019-16027?
CVE-2019-16027 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-16027?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xr, Cisco Xr 12404, Cisco Xr 12406, Cisco Xr 12410, Cisco Xr 12416.