CVE-2019-1761

CVE Database · CVE-2019-1761

CVE-2019-1761

· MEDIUMAnalyzed

CVSS v3.1

4.3

EPSS

0.63%

Published

Mar 27, 2019

Modified

Sep 11, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 traffic from an adjacent HSRP member. A successful exploit could allow the attacker to receive potentially sensitive information from the adjacent device.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-665CWE-665

Affected Products (1761)

cisco · iosvulnerable

cisco · ios

References (4)

http://www.securityfocus.com/bid/107620

Broken LinkThird Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ios-infoleak

PatchVendor Advisory

http://www.securityfocus.com/bid/107620

Broken LinkThird Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ios-infoleak

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs