Vulnerability-Lookup

CVE-2019-1758 (GCVE-0-2019-1758)

Vulnerability from cvelistv5 – Published: 2019-03-28 00:20 – Updated: 2024-11-21 19:41

Title

Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability

Summary

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.

Severity ?

4.7 (Medium)


                        
                          CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-287

Assigner

cisco

References

URL

	Vendor	Product	Version
	Cisco	Cisco IOS Software	Affected: 12.2(60)EZ12

GHSA-W5HF-6Q7F-JJQV

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31

Details

Severity ?

4.3 (Medium)


                  
                    CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-1758"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-28T01:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.",
  "id": "GHSA-w5hf-6q7f-jjqv",
  "modified": "2022-05-13T01:31:20Z",
  "published": "2022-05-13T01:31:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1758"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107616"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2019-1758

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-1758

Aliases

CVE-2019-1758

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-1758",
    "description": "A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.",
    "id": "GSD-2019-1758"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-1758"
      ],
      "details": "A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.",
      "id": "GSD-2019-1758",
      "modified": "2023-12-13T01:23:51.882478Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2019-03-27T16:00:00-0700",
        "ID": "CVE-2019-1758",
        "STATE": "PUBLIC",
        "TITLE": "Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco IOS Software",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "12.2(60)EZ12"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "impact": {
        "cvss": {
          "baseScore": "4.7",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N ",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-287"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20190327 Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500"
          },
          {
            "name": "107616",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/107616"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-20190327-c6500",
        "defect": [
          [
            "CSCvk25074"
          ]
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jn1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svn2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svi1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(4\\)m12c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svp2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(3\\)ea1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svg3d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svk4b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp3b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svm3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svk4c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svo2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(4a\\)ea5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svo1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.3\\(0\\)sy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svp1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg8a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2019-1758"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190327 Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500"
            },
            {
              "name": "107616",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/107616"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2019-10-09T23:47Z",
      "publishedDate": "2019-03-28T01:29Z"
    }
  }
}

CVE-2019-1758

Vulnerability from fstec - Published: 27.03.2019

Title

Уязвимость реализации стандарта 802.1X операционной системы Cisco IOS, позволяющая нарушителю получить доступ к сети

Description

Уязвимость реализации стандарта 802.1X операционной системы Cisco IOS связана с недостатками процедуры аутентификации. Эксплуатация уязвимости может позволить нарушителю получить доступ к сети

Severity ?


                    
                      AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Vendor

Cisco Systems Inc.

Software Name

Cisco IOS

Software Version

15.1(4)M12c (Cisco IOS), 15.1(2)SG8a (Cisco IOS), 15.1(1)SY1 (Cisco IOS), 15.1(2)SY (Cisco IOS), 15.1(2)SY1 (Cisco IOS), 15.1(2)SY2 (Cisco IOS), 15.1(1)SY2 (Cisco IOS), 15.1(1)SY3 (Cisco IOS), 15.1(2)SY3 (Cisco IOS), 15.1(1)SY4 (Cisco IOS), 15.1(2)SY4 (Cisco IOS), 15.1(1)SY5 (Cisco IOS), 15.1(1)SY6 (Cisco IOS), 15.1(2)SY6 (Cisco IOS), 15.1(2)SY7 (Cisco IOS), 15.1(2)SY8 (Cisco IOS), 15.1(2)SY9 (Cisco IOS), 15.1(2)SY10 (Cisco IOS), 15.1(2)SY11 (Cisco IOS), 15.2(1)SY (Cisco IOS), 15.2(1)SY1 (Cisco IOS), 15.2(1)SY0a (Cisco IOS), 15.2(1)SY2 (Cisco IOS), 15.2(2)SY (Cisco IOS), 15.2(1)SY1a (Cisco IOS), 15.2(2)SY1 (Cisco IOS), 15.2(2)SY2 (Cisco IOS), 15.2(1)SY3 (Cisco IOS), 15.2(1)SY4 (Cisco IOS), 15.2(2)SY3 (Cisco IOS), 15.2(1)SY5 (Cisco IOS), 15.3(1)SY (Cisco IOS), 15.3(1)SY1 (Cisco IOS), 15.3(1)SY2 (Cisco IOS), 15.6(2)SP3b (Cisco IOS), 15.4(1)SY (Cisco IOS), 15.4(1)SY1 (Cisco IOS), 15.4(1)SY2 (Cisco IOS), 15.5(1)SY (Cisco IOS), 15.1(3)SVG3d (Cisco IOS), 15.2(3)EA1 (Cisco IOS), 15.2(4a)EA5 (Cisco IOS), 15.1(3)SVI1b (Cisco IOS), 15.3(3)JF35 (Cisco IOS), 15.1(3)SVM3 (Cisco IOS), 15.1(3)SVN2 (Cisco IOS), 15.1(3)SVO1 (Cisco IOS), 15.1(3)SVO2 (Cisco IOS), 15.3(3)JI2 (Cisco IOS), 15.1(3)SVP1 (Cisco IOS), 15.3(3)JA1n (Cisco IOS), 15.1(3)SVK4b (Cisco IOS), 15.1(3)SVK4c (Cisco IOS), 15.2(4)JN1 (Cisco IOS), 12.2(60)EZ12 (Cisco IOS), 12.2(33)SXJ6 (Cisco IOS), 12.2(33)SXJ7 (Cisco IOS), 12.2(33)SXJ8 (Cisco IOS), 12.2(33)SXJ9 (Cisco IOS), 12.2(33)SXJ10 (Cisco IOS), 15.1(2)SY12 (Cisco IOS), 15.1(2)SY13 (Cisco IOS), 15.2(1)SY6 (Cisco IOS), 15.2(1)SY7 (Cisco IOS), 15.3(0)SY (Cisco IOS), 15.4(1)SY4 (Cisco IOS), 15.5(1)SY1 (Cisco IOS), 15.5(1)SY2 (Cisco IOS), 15.1(3)SVP2 (Cisco IOS)

Possible Mitigations

Использование рекомендаций: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500 https://www.securityfocus.com/bid/107616

CWE

CWE-287

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
  "CVSS 3.0": "AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "15.1(4)M12c (Cisco IOS), 15.1(2)SG8a (Cisco IOS), 15.1(1)SY1 (Cisco IOS), 15.1(2)SY (Cisco IOS), 15.1(2)SY1 (Cisco IOS), 15.1(2)SY2 (Cisco IOS), 15.1(1)SY2 (Cisco IOS), 15.1(1)SY3 (Cisco IOS), 15.1(2)SY3 (Cisco IOS), 15.1(1)SY4 (Cisco IOS), 15.1(2)SY4 (Cisco IOS), 15.1(1)SY5 (Cisco IOS), 15.1(1)SY6 (Cisco IOS), 15.1(2)SY6 (Cisco IOS), 15.1(2)SY7 (Cisco IOS), 15.1(2)SY8 (Cisco IOS), 15.1(2)SY9 (Cisco IOS), 15.1(2)SY10 (Cisco IOS), 15.1(2)SY11 (Cisco IOS), 15.2(1)SY (Cisco IOS), 15.2(1)SY1 (Cisco IOS), 15.2(1)SY0a (Cisco IOS), 15.2(1)SY2 (Cisco IOS), 15.2(2)SY (Cisco IOS), 15.2(1)SY1a (Cisco IOS), 15.2(2)SY1 (Cisco IOS), 15.2(2)SY2 (Cisco IOS), 15.2(1)SY3 (Cisco IOS), 15.2(1)SY4 (Cisco IOS), 15.2(2)SY3 (Cisco IOS), 15.2(1)SY5 (Cisco IOS), 15.3(1)SY (Cisco IOS), 15.3(1)SY1 (Cisco IOS), 15.3(1)SY2 (Cisco IOS), 15.6(2)SP3b (Cisco IOS), 15.4(1)SY (Cisco IOS), 15.4(1)SY1 (Cisco IOS), 15.4(1)SY2 (Cisco IOS), 15.5(1)SY (Cisco IOS), 15.1(3)SVG3d (Cisco IOS), 15.2(3)EA1 (Cisco IOS), 15.2(4a)EA5 (Cisco IOS), 15.1(3)SVI1b (Cisco IOS), 15.3(3)JF35 (Cisco IOS), 15.1(3)SVM3 (Cisco IOS), 15.1(3)SVN2 (Cisco IOS), 15.1(3)SVO1 (Cisco IOS), 15.1(3)SVO2 (Cisco IOS), 15.3(3)JI2 (Cisco IOS), 15.1(3)SVP1 (Cisco IOS), 15.3(3)JA1n (Cisco IOS), 15.1(3)SVK4b (Cisco IOS), 15.1(3)SVK4c (Cisco IOS), 15.2(4)JN1 (Cisco IOS), 12.2(60)EZ12 (Cisco IOS), 12.2(33)SXJ6 (Cisco IOS), 12.2(33)SXJ7 (Cisco IOS), 12.2(33)SXJ8 (Cisco IOS), 12.2(33)SXJ9 (Cisco IOS), 12.2(33)SXJ10 (Cisco IOS), 15.1(2)SY12 (Cisco IOS), 15.1(2)SY13 (Cisco IOS), 15.2(1)SY6 (Cisco IOS), 15.2(1)SY7 (Cisco IOS), 15.3(0)SY (Cisco IOS), 15.4(1)SY4 (Cisco IOS), 15.5(1)SY1 (Cisco IOS), 15.5(1)SY2 (Cisco IOS), 15.1(3)SVP2 (Cisco IOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.03.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "12.04.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-01392",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-1758",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco IOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. - - Cisco Catalyst 6500",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430 802.1X \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Cisco IOS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f (CWE-287)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430 802.1X \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Cisco IOS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500\nhttps://www.securityfocus.com/bid/107616",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-287",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 3,3)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,7)"
}

FKIE_CVE-2019-1758

Vulnerability from fkie_nvd - Published: 2019-03-28 01:29 - Updated: 2024-11-21 04:37

Severity ?

4.7 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/107616	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/107616	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios	12.2\(33\)sxj6
cisco	ios	12.2\(33\)sxj7
cisco	ios	12.2\(33\)sxj8
cisco	ios	12.2\(33\)sxj9
cisco	ios	12.2\(33\)sxj10
cisco	ios	12.2\(60\)ez12
cisco	ios	15.1\(1\)sy1
cisco	ios	15.1\(1\)sy2
cisco	ios	15.1\(1\)sy3
cisco	ios	15.1\(1\)sy4
cisco	ios	15.1\(1\)sy5
cisco	ios	15.1\(1\)sy6
cisco	ios	15.1\(2\)sg8a
cisco	ios	15.1\(2\)sy
cisco	ios	15.1\(2\)sy1
cisco	ios	15.1\(2\)sy2
cisco	ios	15.1\(2\)sy3
cisco	ios	15.1\(2\)sy4
cisco	ios	15.1\(2\)sy4a
cisco	ios	15.1\(2\)sy5
cisco	ios	15.1\(2\)sy6
cisco	ios	15.1\(2\)sy7
cisco	ios	15.1\(2\)sy8
cisco	ios	15.1\(2\)sy9
cisco	ios	15.1\(2\)sy10
cisco	ios	15.1\(2\)sy11
cisco	ios	15.1\(2\)sy12
cisco	ios	15.1\(2\)sy13
cisco	ios	15.1\(3\)svg3d
cisco	ios	15.1\(3\)svi1b
cisco	ios	15.1\(3\)svk4b
cisco	ios	15.1\(3\)svk4c
cisco	ios	15.1\(3\)svm3
cisco	ios	15.1\(3\)svn2
cisco	ios	15.1\(3\)svo1
cisco	ios	15.1\(3\)svo2
cisco	ios	15.1\(3\)svp1
cisco	ios	15.1\(3\)svp2
cisco	ios	15.1\(4\)m12c
cisco	ios	15.2\(1\)sy
cisco	ios	15.2\(1\)sy0a
cisco	ios	15.2\(1\)sy1
cisco	ios	15.2\(1\)sy1a
cisco	ios	15.2\(1\)sy2
cisco	ios	15.2\(1\)sy3
cisco	ios	15.2\(1\)sy4
cisco	ios	15.2\(1\)sy5
cisco	ios	15.2\(1\)sy6
cisco	ios	15.2\(1\)sy7
cisco	ios	15.2\(2\)sy
cisco	ios	15.2\(2\)sy1
cisco	ios	15.2\(2\)sy2
cisco	ios	15.2\(2\)sy3
cisco	ios	15.2\(3\)ea1
cisco	ios	15.2\(4\)jn1
cisco	ios	15.2\(4a\)ea5
cisco	ios	15.3\(0\)sy
cisco	ios	15.3\(1\)sy
cisco	ios	15.3\(1\)sy1
cisco	ios	15.3\(1\)sy2
cisco	ios	15.3\(3\)ja1n
cisco	ios	15.3\(3\)jf35
cisco	ios	15.3\(3\)ji2
cisco	ios	15.4\(1\)sy
cisco	ios	15.4\(1\)sy1
cisco	ios	15.4\(1\)sy2
cisco	ios	15.4\(1\)sy3
cisco	ios	15.4\(1\)sy4
cisco	ios	15.5\(1\)sy
cisco	ios	15.5\(1\)sy1
cisco	ios	15.5\(1\)sy2
cisco	ios	15.6\(2\)sp3b

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj6:*:*:*:*:*:*:*",
              "matchCriteriaId": "831B9DB1-8AB9-45A7-8DC4-FD6CED335D88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F17158D-9CCD-4186-B97D-51242AB92547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E920061-80A8-41E0-BA64-A20264020C7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB5FB44-0CD9-40E1-80EC-C8CFBA023FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3509F6-5475-4924-9E5C-4E2E03D65F19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C60FD51-3FD8-48F4-98EF-FEDAAF9BC52B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C1075B-11F3-453C-957D-834C5D6D8CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy2:*:*:*:*:*:*:*",
              "matchCriteriaId": "115E901C-94B4-4EC7-AA85-03A20CFA90DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97051EE-8C42-4546-8EDC-FAD60B3EE1EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB435D9A-FA6C-4CBD-8647-3A61B3DAB338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy5:*:*:*:*:*:*:*",
              "matchCriteriaId": "14181F4B-9A5C-40B4-BD15-FED694E9AE8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B62E402E-5D8B-4261-906C-C5668B4A12BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFFA4F2A-4BE5-4FD5-A3D4-2B28D6A25A53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DCF559-9324-4CE1-A986-EF4A174DCEFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "38CC9728-4E4A-4536-BC81-031AFE1A74E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9DECC49-1DF8-4925-9232-04DA748428B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B736A1E0-89F4-418C-BC12-7E6A7AC7891F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BDC0B5A-E59C-454E-AA0E-6EB9C8888480",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2363876E-0E3B-44BA-8157-FA96554302B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D3131A-74F7-4465-826E-5F6C90240C4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0D1E17-9A5C-4B74-B780-F31364FD9F06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70ADF53-D937-4CB1-8D17-8B4DB9A5458C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0F30A4-C088-4ECC-ABE0-33D4A7BC8D1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy9:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B11B78-1936-42CA-919E-BCD1E0C2A397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A807560F-7111-40AB-BCC8-F3D7A2F92D2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE56D89-5894-49E9-BDCF-E23AE4159989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy12:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC9347AF-7729-44BD-8E33-610D573C560F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy13:*:*:*:*:*:*:*",
              "matchCriteriaId": "14DC014A-2CDD-4294-8AEB-9C0B437C1633",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svg3d:*:*:*:*:*:*:*",
              "matchCriteriaId": "379793AF-11E1-4510-B5A0-3705B324669E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svi1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "29FAF4EA-DCB7-4D81-AB2E-DCCE32EC14FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svk4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5BF4FA-139A-4789-A9C1-84B6DEFFD300",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svk4c:*:*:*:*:*:*:*",
              "matchCriteriaId": "009E4B3F-4384-4DBD-9D88-0A191BB92C6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svm3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CCBC8E0-C6DC-4F23-A949-073E625505CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svn2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D400949D-766A-497B-AC76-6EE81295C0D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svo1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2787A781-32EC-4A59-8472-A0A7E3086A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svo2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B853917E-D8E2-4CBD-BB4F-CB447BE052F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82784B3A-A4EA-4BBE-9ACE-BAE4895372CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svp2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8FFE62F-6185-4745-ACF4-6657E2A375D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(4\\)m12c:*:*:*:*:*:*:*",
              "matchCriteriaId": "A47B1CBB-1604-46BA-84EA-F81197AFA03C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE57C85-794E-405B-841F-A806D32C08EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B91687C-A8F8-45FB-BF03-8534E9230AB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E082DB05-253F-4C6F-BD0A-524699309D10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B43D4858-AE1C-4372-97F9-5983EEE6ED4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9678A6F2-0624-4A8A-9991-9DADCDDB2687",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9F6D655-D3A3-4BEE-9DEF-19ADD41D1663",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC0B809-72AD-413F-BE84-73FE2DB33950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F2834B6-AA9D-4FDC-A228-CED66C799849",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3426024-7199-4B7B-90CB-CE83FD2E0878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF163F6F-1A6D-4AA9-AAC2-52249BB28421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05373F4-E820-4D22-A86A-904854F04C7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C38969D-65EB-4C80-BB2A-A1245C4E718B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A429CFF2-A288-4CD5-9C06-8D18647C67E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB3A9655-9E22-4AEA-BBCF-6C0749D0289E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)ea1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94FD5120-C385-4F16-AB3F-979D851DF8D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jn1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B171170-4BBD-4E09-BF5A-6DA3F110C7D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(4a\\)ea5:*:*:*:*:*:*:*",
              "matchCriteriaId": "734AA8D5-5BB9-4E1D-B8CB-0A14BADA9EF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(0\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "1724DF49-B5A4-4EA6-8733-1672455BB3BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "249D78EB-A125-4731-A41B-62F8302D7246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E599088-5071-469B-980F-4BA3026856C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F58CEE-636B-460E-91D1-330965FA7FE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*",
              "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf35:*:*:*:*:*:*:*",
              "matchCriteriaId": "7590C6F4-D2AF-4B15-A278-8249C5EE6617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4041C7F-B0C7-4CF0-A77F-84A031424797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "4220D3B1-BD05-4169-91BA-B1AA45084C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84BAF351-4C7F-44F8-812E-9C402CBBB5FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0595F3D8-8D99-4C82-9EC1-1187C52A6740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy3:*:*:*:*:*:*:*",
              "matchCriteriaId": "662ACAD0-7E80-4CB5-8409-03E72A3C59D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43EE852-5F22-4387-8332-A12FF3306210",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "6465E3DA-90F0-4DD6-82B1-C9DF9FAEBDD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "346BD6D0-AAF2-4C9A-8DD3-8C710302DCA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A5B7053-7F9C-432C-B6F1-DAC00B0C9619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp3b:*:*:*:*:*:*:*",
              "matchCriteriaId": "1195EA28-E1BA-4D66-BC71-977F93E9E943",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n 802.1x del software Cisco IOS en los switches Catalyst 6500 Series podr\u00eda permitir que un atacante adyacente sin autenticar acceda a la red antes de autenticarse. La vulnerabilidad se debe a c\u00f3mo los paquetes 802.1x se manejan en la ruta del proceso. Un atacante podr\u00eda explotar esta vulnerabilidad intentando conectarse a la red en un puerto configurado por 802.1x. Un exploit exitoso podr\u00eda permitir que el atacante obtenga acceso a la red de forma intermitente."
    }
  ],
  "id": "CVE-2019-1758",
  "lastModified": "2024-11-21T04:37:18.167",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-28T01:29:00.453",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107616"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2020-34304

Vulnerability from cnvd - Published: 2020-06-23

Title

Cisco Catalyst 6500 Series Switches Cisco IOS授权问题漏洞

Description

Cisco Catalyst 6500 Series Switches是美国思科（Cisco）公司的一款6500系列模块化机箱交换机。Cisco IOS是其中的一套为其网络设备开发的操作系统。 Cisco Catalyst 6500 Series Switches Cisco IOS授权问题漏洞。攻击者可利用该漏洞不进行身份验证便可访问网络。未认证邻近攻击者可通过尝试在配置802.1x的端口上连接到网络利用该漏洞间歇性获得网络访问权。

Severity

低

Patch Name

Cisco Catalyst 6500 Series Switches Cisco IOS授权问题漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-1758

Impacted products

Name
Cisco Catalyst 6500 Series Switches

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-1758"
    }
  },
  "description": "Cisco Catalyst 6500 Series Switches\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e6500\u7cfb\u5217\u6a21\u5757\u5316\u673a\u7bb1\u4ea4\u6362\u673a\u3002Cisco IOS\u662f\u5176\u4e2d\u7684\u4e00\u5957\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nCisco Catalyst 6500 Series Switches Cisco IOS\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0d\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u4fbf\u53ef\u8bbf\u95ee\u7f51\u7edc\u3002\u672a\u8ba4\u8bc1\u90bb\u8fd1\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5c1d\u8bd5\u5728\u914d\u7f6e802.1x\u7684\u7aef\u53e3\u4e0a\u8fde\u63a5\u5230\u7f51\u7edc\u5229\u7528\u8be5\u6f0f\u6d1e\u95f4\u6b47\u6027\u83b7\u5f97\u7f51\u7edc\u8bbf\u95ee\u6743\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-34304",
  "openTime": "2020-06-23",
  "patchDescription": "Cisco Catalyst 6500 Series Switches\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e6500\u7cfb\u5217\u6a21\u5757\u5316\u673a\u7bb1\u4ea4\u6362\u673a\u3002Cisco IOS\u662f\u5176\u4e2d\u7684\u4e00\u5957\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco Catalyst 6500 Series Switches Cisco IOS\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0d\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u4fbf\u53ef\u8bbf\u95ee\u7f51\u7edc\u3002\u672a\u8ba4\u8bc1\u90bb\u8fd1\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5c1d\u8bd5\u5728\u914d\u7f6e802.1x\u7684\u7aef\u53e3\u4e0a\u8fde\u63a5\u5230\u7f51\u7edc\u5229\u7528\u8be5\u6f0f\u6d1e\u95f4\u6b47\u6027\u83b7\u5f97\u7f51\u7edc\u8bbf\u95ee\u6743\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Catalyst 6500 Series Switches Cisco IOS\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Catalyst 6500 Series Switches"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-1758",
  "serverity": "\u4f4e",
  "submitTime": "2019-03-28",
  "title": "Cisco Catalyst 6500 Series Switches Cisco IOS\u6388\u6743\u95ee\u9898\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-1758 (GCVE-0-2019-1758)

GHSA-W5HF-6Q7F-JJQV

GSD-2019-1758

CVE-2019-1758

FKIE_CVE-2019-1758

CNVD-2020-34304

Tags

Sightings

Nomenclature