How severe is CVE-2019-1747?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2019-1747?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2019-1747

HIGH Year: 2019

CVSS v3 Score

8.6

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-20

View all →

Vulnerability Description

A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper processing of SMS protocol data units (PDUs) that are encoded with a special character set. An attacker could exploit this vulnerability by sending a malicious SMS message to an affected device. A successful exploit could allow the attacker to cause the wireless WAN (WWAN) cellular interface module on an affected device to crash, resulting in a DoS condition that would require manual intervention to restore normal operating conditions.

CVE-2014-0144

HIGH

CVSS:8.6(High)

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input val...

CWE-202014

CVE-2015-8702

HIGH

CVSS:8.6(High)

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service (netsplit) via an invalid character in a PTR response, as demonstrated by a "\03...

CWE-202015

CVE-2016-4332

HIGH

CVSS:8.6(High)

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't sup...

CWE-202016

CVE-2016-5782

HIGH

CVSS:8.6(High)

An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. Locus Energy meters use a PHP script to manage the energy meter parameters for v...

CWE-202016

CVE-2016-9692

HIGH

CVSS:8.6(High)

IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vuln...

CWE-202016

CVE-2017-12244

HIGH

CVSS:8.6(High)

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial o...

CWE-202017

CVE-2019-1747

Vulnerability Description

Related Vulnerabilities

CVE-2014-0144

CVE-2015-8702

CVE-2016-4332

CVE-2016-5782

CVE-2016-9692

CVE-2017-12244