How severe is CVE-2019-1708?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2019-1708?

This is classified as CWE-404, which is a common weakness in software security.

CVE-2019-1708

HIGH Year: 2019

CVSS v3 Score

8.6

High

CVSS v2 Score

7.8

High

Weakness Type

CWE-404

View all →

Vulnerability Description

A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses.

CVE-2017-1145

HIGH

CVSS:8.6(High)

IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: ...

CWE-4042017

CVE-2019-1706

HIGH

CVSS:8.6(High)

A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could all...

CWE-4042019

CVE-2020-26070

HIGH

CVSS:8.6(High)

A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a den...

CWE-4042020

CVE-2022-25762

HIGH

CVSS:8.6(High)

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that...

CWE-4042022

CVE-2023-20042

HIGH

CVSS:8.6(High)

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker ...

CWE-4042023

CVE-2018-8450

HIGH

CVSS:8.8(High)

A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Wi...

CWE-4042018

CVE-2019-1708

Vulnerability Description

Related Vulnerabilities

CVE-2017-1145

CVE-2019-1706

CVE-2020-26070

CVE-2022-25762

CVE-2023-20042

CVE-2018-8450