CVE-1999-0159

Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.

CVSS v3 3.5 LOW
CVSS v2.0 5.0 MEDIUM

3.5^/10

CVSS v3 : LOW

Vector :

Exploitability : 2.1 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios:9.1:::::::*
	cpe:2.3:o:cisco:ios:11.0\(20.3\):::::::*
	cpe:2.3:o:cisco:ios:11.1\(15\)ca:::::::*
	cpe:2.3:o:cisco:ios:11.1\(16\):::::::*
	cpe:2.3:o:cisco:ios:11.1\(16\)aa:::::::*
	cpe:2.3:o:cisco:ios:11.1\(16\)ia:::::::*
	cpe:2.3:o:cisco:ios:11.1\(17\)cc:::::::*
	cpe:2.3:o:cisco:ios:11.1\(17\)ct:::::::*
	cpe:2.3:o:cisco:ios:11.2\(8\)sa3:::::::*
	cpe:2.3:o:cisco:ios:11.2\(9\)p:::::::*
	cpe:2.3:o:cisco:ios:11.2\(9\)xa:::::::*
	cpe:2.3:o:cisco:ios:11.2\(10\):::::::*
	cpe:2.3:o:cisco:ios:11.2\(10\)bc:::::::*
	cpe:2.3:o:cisco:ios:11.3\(1\):::::::*
	cpe:2.3:o:cisco:ios:11.3\(1\)ed:::::::*
	cpe:2.3:o:cisco:ios:11.3\(1\)t:::::::*

History

27 Aug 2025, 19:15

Type	Values Removed	Values Added
CVSS	v2 : ~~5.0~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 3.5
CWE		CWE-400

20 Nov 2024, 23:28

Type	Values Removed	Values Added
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159 -

17 Aug 2022, 07:15

Type	Values Removed	Values Added
References		(MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159 -

Information

Published : 1998-08-12 04:00

Updated : 2025-08-27 19:15

NVD link : CVE-1999-0159

Mitre link : CVE-1999-0159

CVE.ORG link : CVE-1999-0159

JSON object : View

Products Affected

cisco

ios

CWE

NVD-CWE-Other CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-1999-0159", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.1}]}, "published": "1998-08-12T04:00:00.000", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases."}], "lastModified": "2025-08-27T19:15:33.120", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E9A00D5-A594-4C64-B982-10CB4C554F51"}, {"criteria": "cpe:2.3:o:cisco:ios:11.0\\(20.3\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86AFAF8F-B8E2-453B-895C-F94138720745"}, {"criteria": "cpe:2.3:o:cisco:ios:11.1\\(15\\)ca:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "841513AE-7521-4670-8438-AE5EB70F3A48"}, {"criteria": "cpe:2.3:o:cisco:ios:11.1\\(16\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF3E8F79-6177-453C-99B5-BC9BC7670869"}, {"criteria": "cpe:2.3:o:cisco:ios:11.1\\(16\\)aa:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B244655-A6A5-40D0-A0D1-34C814DA9389"}, {"criteria": "cpe:2.3:o:cisco:ios:11.1\\(16\\)ia:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA064273-1A6E-4303-BAAB-F585691EF9BA"}, {"criteria": "cpe:2.3:o:cisco:ios:11.1\\(17\\)cc:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A8158E2-0DFE-479B-B085-9775FF700C85"}, {"criteria": "cpe:2.3:o:cisco:ios:11.1\\(17\\)ct:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29CA3070-B75D-4E56-A338-E10F5509394E"}, {"criteria": "cpe:2.3:o:cisco:ios:11.2\\(8\\)sa3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "099CFED1-0E2F-46B2-8136-BFA146EB9A00"}, {"criteria": "cpe:2.3:o:cisco:ios:11.2\\(9\\)p:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "047F9781-38B8-488C-B999-A3CA6BDB639C"}, {"criteria": "cpe:2.3:o:cisco:ios:11.2\\(9\\)xa:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E3586C0-64AF-4584-8F56-7E0756B4A521"}, {"criteria": "cpe:2.3:o:cisco:ios:11.2\\(10\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B784C9F-79EE-4D08-9D03-985EC7E378FE"}, {"criteria": "cpe:2.3:o:cisco:ios:11.2\\(10\\)bc:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFBA8825-442E-4CAD-A9B2-4DD8546F35F9"}, {"criteria": "cpe:2.3:o:cisco:ios:11.3\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A6F8329-15C7-4FED-A61D-5AF4F3A33976"}, {"criteria": "cpe:2.3:o:cisco:ios:11.3\\(1\\)ed:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD13732A-DAE0-4D5B-9DAC-6D2CF391220D"}, {"criteria": "cpe:2.3:o:cisco:ios:11.3\\(1\\)t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A53DE80A-5865-4514-BE14-BA5992EE7BDA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}