How severe is CVE-2019-1871?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2019-1871?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2019-1871 - HIGH Severity | CVSS 7.2

Vulnerability Description

A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device. The vulnerability is due to improper bounds checking by the import-config process. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to implement arbitrary code on the affected device with elevated privileges.

Related Vulnerabilities

CVE-2016-6115

HIGH

CVSS:7.2(High)

IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the ...

CWE-1192016

CVE-2016-7820

HIGH

CVSS:7.2(High)

Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-servi...

CWE-1192016

CVE-2016-8998

HIGH

CVSS:7.2(High)

IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on t...

CWE-1192016

CVE-2017-2276

HIGH

CVSS:7.2(High)

Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.

CWE-1192017

CVE-2017-5712

HIGH

CVSS:7.2(High)

Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to exec...

CWE-1192017

CVE-2018-0632

HIGH

CVSS:7.2(High)

Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via HTTP request and response.

CWE-1192018