A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of a malformed packet. An attacker could exploit this vulnerability by sending a malformed packet to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

Published : 2019-09-25 21:15 Updated : 2019-10-09 23:46

CVSS Score More info
Score 7.8 / 10
Vendor Product Version URI
Cisco Ios 15.2%283%29e cpe:/o:cisco:ios:15.2%283%29e
Cisco Ios 15.2%283%29e5 cpe:/o:cisco:ios:15.2%283%29e5
Cisco Ios 16.11.1 cpe:/o:cisco:ios:16.11.1
  1. Cisco (1) Search CVE
    1. Ios (3) Search CVE
      1. 15.2%283%29e
      2. 15.2%283%29e5
      3. 16.11.1


ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes

Date Event
2019-10-01 14:33
2019-09-25 21:32