CVE-2019-1758

Published Mar 28, 2019
Last updated 5 years ago
CVSS medium 4.3
Overview

Description: A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.
Source: ykramarz@cisco.com
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 4.3
Impact score: 1.4
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 3.3
Impact score: 2.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-287
ykramarz@cisco.com: CWE-287
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "831B9DB1-8AB9-45A7-8DC4-FD6CED335D88"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F17158D-9CCD-4186-B97D-51242AB92547"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E920061-80A8-41E0-BA64-A20264020C7E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFB5FB44-0CD9-40E1-80EC-C8CFBA023FD6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F3509F6-5475-4924-9E5C-4E2E03D65F19"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C60FD51-3FD8-48F4-98EF-FEDAAF9BC52B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35C1075B-11F3-453C-957D-834C5D6D8CB1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "115E901C-94B4-4EC7-AA85-03A20CFA90DF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C97051EE-8C42-4546-8EDC-FAD60B3EE1EB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB435D9A-FA6C-4CBD-8647-3A61B3DAB338"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14181F4B-9A5C-40B4-BD15-FED694E9AE8E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B62E402E-5D8B-4261-906C-C5668B4A12BB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg8a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFFA4F2A-4BE5-4FD5-A3D4-2B28D6A25A53"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07DCF559-9324-4CE1-A986-EF4A174DCEFC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38CC9728-4E4A-4536-BC81-031AFE1A74E9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9DECC49-1DF8-4925-9232-04DA748428B2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B736A1E0-89F4-418C-BC12-7E6A7AC7891F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BDC0B5A-E59C-454E-AA0E-6EB9C8888480"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2363876E-0E3B-44BA-8157-FA96554302B9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2D3131A-74F7-4465-826E-5F6C90240C4D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E0D1E17-9A5C-4B74-B780-F31364FD9F06"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F70ADF53-D937-4CB1-8D17-8B4DB9A5458C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B0F30A4-C088-4ECC-ABE0-33D4A7BC8D1E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73B11B78-1936-42CA-919E-BCD1E0C2A397"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A807560F-7111-40AB-BCC8-F3D7A2F92D2D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEE56D89-5894-49E9-BDCF-E23AE4159989"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC9347AF-7729-44BD-8E33-610D573C560F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14DC014A-2CDD-4294-8AEB-9C0B437C1633"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svg3d:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "379793AF-11E1-4510-B5A0-3705B324669E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svi1b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29FAF4EA-DCB7-4D81-AB2E-DCCE32EC14FB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svk4b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C5BF4FA-139A-4789-A9C1-84B6DEFFD300"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svk4c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "009E4B3F-4384-4DBD-9D88-0A191BB92C6B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svm3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CCBC8E0-C6DC-4F23-A949-073E625505CE"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svn2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D400949D-766A-497B-AC76-6EE81295C0D4"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svo1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2787A781-32EC-4A59-8472-A0A7E3086A4F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svo2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B853917E-D8E2-4CBD-BB4F-CB447BE052F2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svp1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82784B3A-A4EA-4BBE-9ACE-BAE4895372CA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svp2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8FFE62F-6185-4745-ACF4-6657E2A375D6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.1\\(4\\)m12c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A47B1CBB-1604-46BA-84EA-F81197AFA03C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AE57C85-794E-405B-841F-A806D32C08EB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B91687C-A8F8-45FB-BF03-8534E9230AB1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E082DB05-253F-4C6F-BD0A-524699309D10"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B43D4858-AE1C-4372-97F9-5983EEE6ED4B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9678A6F2-0624-4A8A-9991-9DADCDDB2687"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9F6D655-D3A3-4BEE-9DEF-19ADD41D1663"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AC0B809-72AD-413F-BE84-73FE2DB33950"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F2834B6-AA9D-4FDC-A228-CED66C799849"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3426024-7199-4B7B-90CB-CE83FD2E0878"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF163F6F-1A6D-4AA9-AAC2-52249BB28421"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B05373F4-E820-4D22-A86A-904854F04C7E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C38969D-65EB-4C80-BB2A-A1245C4E718B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A429CFF2-A288-4CD5-9C06-8D18647C67E2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB3A9655-9E22-4AEA-BBCF-6C0749D0289E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)ea1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94FD5120-C385-4F16-AB3F-979D851DF8D9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jn1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B171170-4BBD-4E09-BF5A-6DA3F110C7D2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(4a\\)ea5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "734AA8D5-5BB9-4E1D-B8CB-0A14BADA9EF8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(0\\)sy:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1724DF49-B5A4-4EA6-8733-1672455BB3BF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "249D78EB-A125-4731-A41B-62F8302D7246"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E599088-5071-469B-980F-4BA3026856C2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21F58CEE-636B-460E-91D1-330965FA7FE9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7590C6F4-D2AF-4B15-A278-8249C5EE6617"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4041C7F-B0C7-4CF0-A77F-84A031424797"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4220D3B1-BD05-4169-91BA-B1AA45084C46"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84BAF351-4C7F-44F8-812E-9C402CBBB5FF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0595F3D8-8D99-4C82-9EC1-1187C52A6740"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "662ACAD0-7E80-4CB5-8409-03E72A3C59D3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A43EE852-5F22-4387-8332-A12FF3306210"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6465E3DA-90F0-4DD6-82B1-C9DF9FAEBDD2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "346BD6D0-AAF2-4C9A-8DD3-8C710302DCA1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A5B7053-7F9C-432C-B6F1-DAC00B0C9619"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp3b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1195EA28-E1BA-4D66-BC71-977F93E9E943"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
