Informazioni sul CVE-2019-1814
Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability
CWE ID: CWE-400
Base Score (CVSS): N/A
CVE: CVE-2019-1814
Descrizione: A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and result in a denial of service (DoS) condition on an affected device. The vulnerability is due to a failure to free system memory when an unexpected DHCP request is received. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the targeted device. A successful exploit could allow the attacker to cause an unexpected reload of the device.
Vettore di attacco
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Riassunto: .
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|
Riferimenti esterni
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb300sms-dhcp
- http://www.securityfocus.com/bid/108344
Prodotti interessati
- Cisco – Cisco Small Business 300 Series Managed Switches
Relazioni con altri prodotti
Produttore:Cisco
Prodotto: Cisco Small Business 300 Series Managed Switches
Anno: 2019
CWE: CWE-400
CVSS: 0.0