How severe is CVE-2019-1672?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2019-1672?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2019-1672

MEDIUM Year: 2019

CVSS v3 Score

5.8

Medium

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-400

View all →

Vulnerability Description

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Releases 10.1.x and 10.5.x are affected.

CVE-2018-0381

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of se...

CWE-4002018

CVE-2018-15464

MEDIUM

CVSS:5.8(Medium)

A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected devic...

CWE-4002018

CVE-2020-3190

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected dev...

CWE-4002020

CVE-2024-21126

MEDIUM

CVSS:5.8(Medium)

Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.23 and 21.3-21.14. Easily exploitable vulnerability allo...

CWE-4002024

CVE-2021-37865

MEDIUM

CVSS:5.7(Medium)

Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while ...

CWE-4002021

CVE-2022-0489

MEDIUM

CVSS:5.7(Medium)

An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was possible to trigger a DOS by using the math feature with a specific formula in issue comments.

CWE-4002022

CVE-2019-1672

Vulnerability Description

Related Vulnerabilities

CVE-2018-0381

CVE-2018-15464

CVE-2020-3190

CVE-2024-21126

CVE-2021-37865

CVE-2022-0489