How severe is CVE-2019-1837?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2019-1837?

This is classified as CWE-129, which is a common weakness in software security.

CVE-2019-1837

HIGH Year: 2019

CVSS v3 Score

7.5

High

CVSS v2 Score

7.8

High

Weakness Type

CWE-129

View all →

Vulnerability Description

A vulnerability in the User Data Services (UDS) API of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the management GUI. The vulnerability is due to improper validation of input parameters in the UDS API requests. An attacker could exploit this vulnerability by sending a crafted request to the UDS API of an affected device. A successful exploit could allow the attacker to make the A Cisco DB service quit unexpectedly, preventing admin access to the Unified CM management GUI. Manual intervention may be required to restore normal operation. Software versions 10.5, 11.5, 12.0, 12.5 are affected.

CVE-2013-1593

HIGH

CVSS:7.5(High)

A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packe...

CWE-1292013

CVE-2014-10044

HIGH

CVSS:7.5(High)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 617, SD 800, and SD 820, in the time daemon, una...

CWE-1292014

CVE-2017-5445

HIGH

CVSS:7.5(High)

A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the array...

CWE-1292017

CVE-2017-8797

HIGH

CVSS:7.5(High)

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. ...

CWE-1292017

CVE-2018-12018

HIGH

CVSS:7.5(High)

The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, wh...

CWE-1292018

CVE-2018-13902

HIGH

CVSS:7.5(High)

Out of bounds memory read and access due to improper array index validation may lead to unexpected behavior while decoding XTRA file in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Sn...

CWE-1292018

CVE-2019-1837

Vulnerability Description

Related Vulnerabilities

CVE-2013-1593

CVE-2014-10044

CVE-2017-5445

CVE-2017-8797

CVE-2018-12018

CVE-2018-13902