CVE-2019-1718 vulnerability in Cisco Products
Published on April 17, 2019
Cisco Identity Services Engine SSL Renegotiation Denial of Service Vulnerability
A vulnerability in the web interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of Secure Sockets Layer (SSL) renegotiation requests. An attacker could exploit this vulnerability by sending renegotiation requests at a high rate. An successful exploit could increase the resource usage on the system, eventually leading to a DoS condition. This vulnerability affects version 2.1.
Weakness Type
Resource Management Errors
Weaknesses in this category are related to improper management of system resources.
Products Associated with CVE-2019-1718
stack.watch emails you whenever new vulnerabilities are published in Cisco Identity Services Engine or Cisco Identity Services Engine Software. Just hit a watch button to start following.
Affected Versions
Cisco Identity Services Engine Software Version 2.1(0.907) is affected by CVE-2019-1718Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.