How severe is CVE-2019-1703?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2019-1703?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2019-1703 - HIGH Severity | CVSS 8.6

Vulnerability Description

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually.

Related Vulnerabilities

CVE-2015-1779

HIGH

CVSS:8.6(High)

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

CWE-4002015

CVE-2016-6171

HIGH

CVSS:8.6(High)

Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.

CWE-4002016

CVE-2017-15119

HIGH

CVSS:8.6(High)

The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CP...

CWE-4002017

CVE-2017-17051

HIGH

CVSS:8.6(High)

An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hyperv...

CWE-4002017

CVE-2017-9627

HIGH

CVSS:8.6(High)

An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability cou...

CWE-4002017

CVE-2018-0086

HIGH

CVSS:8.6(High)

A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected ...

CWE-4002018