A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2020-01-26T04:45:20.821598Z
Updated: 2024-09-17T01:12:08.199Z
Reserved: 2019-09-06T00:00:00
Link: CVE-2019-16026
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-01-26T05:15:16.380
Modified: 2020-01-31T15:14:53.880
Link: CVE-2019-16026
Redhat
No data.