How severe is CVE-2019-1693?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.7 out of 10.

What type of vulnerability is CVE-2019-1693?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2019-1693

HIGH Year: 2019

CVSS v3 Score

7.7

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition.

CVE-2015-7400

HIGH

CVSS:7.7(High)

The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an ...

CWE-3992015

CVE-2017-6609

HIGH

CVSS:7.7(High)

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malforme...

CWE-3992017

CVE-2017-6610

HIGH

CVSS:7.7(High)

A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability...

CWE-3992017

CVE-2021-1623

HIGH

CVSS:7.7(High)

A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device pu...

CWE-3992021

CVE-2010-1889

HIGH

CVSS:7.8(High)

Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object...

CWE-3992010

CVE-2011-1236

HIGH

CVSS:7.8(High)

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2...

CWE-3992011

CVE-2019-1693

Vulnerability Description

Related Vulnerabilities

CVE-2015-7400

CVE-2017-6609

CVE-2017-6610

CVE-2021-1623

CVE-2010-1889

CVE-2011-1236