CVE-2019-1711

A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this vulnerability by repeatedly sending unauthenticated gRPC requests to the affected device. A successful exploit could cause the emsd process to crash, resulting in a DoS condition. Resolved in Cisco IOS XR 6.5.1 and later.

Severity	MEDIUM
CVSS	5.3
CWE	CWE-20
KEV
Published	7 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-20190417-ios-xr-dos
Cisco Nexus Dashboard	cisco-sa-20190417-ios-xr-dos
Cisco Meraki MS Series Switches	cisco-sa-20190417-ios-xr-dos
Cisco IOS Software	cisco-sa-20190417-ios-xr-dos
Cisco IOS XR Software	cisco-sa-20190417-ios-xr-dos
Cisco IOS	cisco-sa-20190417-ios-xr-dos