National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2019-1758 Detail

Current Description

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.

Source:  MITRE
View Analysis Description

Severity



CVSS 3.x Severity and Metrics:

NIST CVSS score
NIST: NVD
Base Score: 4.3 MEDIUM
Vector:  CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Nist CVSS score does not match with CNA score
CNA:  Cisco Systems, Inc.
Base Score: 4.7 MEDIUM
Vector:  CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://www.securityfocus.com/bid/107616 Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500 Patch Vendor Advisory

Weakness Enumeration

CWE-ID CWE Name Source
CWE-287 Improper Authentication NIST   Cisco Systems, Inc.  

Known Affected Software Configurations Switch to CPE 2.3

Configuration 1 ( hide )
 cpe:/o:cisco:ios:12.2%2833%29sxj6
     Show Matching CPE(s)
 cpe:/o:cisco:ios:12.2%2833%29sxj7
     Show Matching CPE(s)
 cpe:/o:cisco:ios:12.2%2833%29sxj8
     Show Matching CPE(s)
 cpe:/o:cisco:ios:12.2%2833%29sxj9
     Show Matching CPE(s)
 cpe:/o:cisco:ios:12.2%2833%29sxj10
     Show Matching CPE(s)
 cpe:/o:cisco:ios:12.2%2860%29ez12
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%281%29sy1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%281%29sy2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%281%29sy3
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%281%29sy4
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%281%29sy5
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%281%29sy6
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sg8a
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy3
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy4
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy4a
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy5
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy6
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy7
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy8
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy9
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy10
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy11
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy12
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%282%29sy13
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svg3d
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svi1b
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svk4b
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svk4c
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svm3
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svn2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svo1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svo2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svp1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%283%29svp2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.1%284%29m12c
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy0a
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy1a
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy3
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy4
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy5
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy6
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%281%29sy7
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%282%29sy
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%282%29sy1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%282%29sy2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%282%29sy3
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%283%29ea1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%284%29jn1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.2%284a%29ea5
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.3%280%29sy
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.3%281%29sy
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.3%281%29sy1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.3%281%29sy2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.3%283%29ja1n
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.3%283%29jf35
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.3%283%29ji2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.4%281%29sy
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.4%281%29sy1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.4%281%29sy2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.4%281%29sy3
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.4%281%29sy4
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.5%281%29sy
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.5%281%29sy1
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.5%281%29sy2
     Show Matching CPE(s)
 cpe:/o:cisco:ios:15.6%282%29sp3b
     Show Matching CPE(s)


Change History

3 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2019-1758
NVD Published Date:
03/27/2019
NVD Last Modified:
10/09/2019