Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-1758

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.

Published

2019-03-28T01:29:00.453

Last Modified

2024-11-21T04:37:18.167

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 4.7 (MEDIUM)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:N/I:P/A:N

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

6.5

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-287
Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	ios	12.2\(33\)sxj6	Yes
Operating System	cisco	ios	12.2\(33\)sxj7	Yes
Operating System	cisco	ios	12.2\(33\)sxj8	Yes
Operating System	cisco	ios	12.2\(33\)sxj9	Yes
Operating System	cisco	ios	12.2\(33\)sxj10	Yes
Operating System	cisco	ios	12.2\(60\)ez12	Yes
Operating System	cisco	ios	15.1\(1\)sy1	Yes
Operating System	cisco	ios	15.1\(1\)sy2	Yes
Operating System	cisco	ios	15.1\(1\)sy3	Yes
Operating System	cisco	ios	15.1\(1\)sy4	Yes
Operating System	cisco	ios	15.1\(1\)sy5	Yes
Operating System	cisco	ios	15.1\(1\)sy6	Yes
Operating System	cisco	ios	15.1\(2\)sg8a	Yes
Operating System	cisco	ios	15.1\(2\)sy	Yes
Operating System	cisco	ios	15.1\(2\)sy1	Yes
Operating System	cisco	ios	15.1\(2\)sy2	Yes
Operating System	cisco	ios	15.1\(2\)sy3	Yes
Operating System	cisco	ios	15.1\(2\)sy4	Yes
Operating System	cisco	ios	15.1\(2\)sy4a	Yes
Operating System	cisco	ios	15.1\(2\)sy5	Yes
Operating System	cisco	ios	15.1\(2\)sy6	Yes
Operating System	cisco	ios	15.1\(2\)sy7	Yes
Operating System	cisco	ios	15.1\(2\)sy8	Yes
Operating System	cisco	ios	15.1\(2\)sy9	Yes
Operating System	cisco	ios	15.1\(2\)sy10	Yes
Operating System	cisco	ios	15.1\(2\)sy11	Yes
Operating System	cisco	ios	15.1\(2\)sy12	Yes
Operating System	cisco	ios	15.1\(2\)sy13	Yes
Operating System	cisco	ios	15.1\(3\)svg3d	Yes
Operating System	cisco	ios	15.1\(3\)svi1b	Yes
Operating System	cisco	ios	15.1\(3\)svk4b	Yes
Operating System	cisco	ios	15.1\(3\)svk4c	Yes
Operating System	cisco	ios	15.1\(3\)svm3	Yes
Operating System	cisco	ios	15.1\(3\)svn2	Yes
Operating System	cisco	ios	15.1\(3\)svo1	Yes
Operating System	cisco	ios	15.1\(3\)svo2	Yes
Operating System	cisco	ios	15.1\(3\)svp1	Yes
Operating System	cisco	ios	15.1\(3\)svp2	Yes
Operating System	cisco	ios	15.1\(4\)m12c	Yes
Operating System	cisco	ios	15.2\(1\)sy	Yes
Operating System	cisco	ios	15.2\(1\)sy0a	Yes
Operating System	cisco	ios	15.2\(1\)sy1	Yes
Operating System	cisco	ios	15.2\(1\)sy1a	Yes
Operating System	cisco	ios	15.2\(1\)sy2	Yes
Operating System	cisco	ios	15.2\(1\)sy3	Yes
Operating System	cisco	ios	15.2\(1\)sy4	Yes
Operating System	cisco	ios	15.2\(1\)sy5	Yes
Operating System	cisco	ios	15.2\(1\)sy6	Yes
Operating System	cisco	ios	15.2\(1\)sy7	Yes
Operating System	cisco	ios	15.2\(2\)sy	Yes
Operating System	cisco	ios	15.2\(2\)sy1	Yes
Operating System	cisco	ios	15.2\(2\)sy2	Yes
Operating System	cisco	ios	15.2\(2\)sy3	Yes
Operating System	cisco	ios	15.2\(3\)ea1	Yes
Operating System	cisco	ios	15.2\(4\)jn1	Yes
Operating System	cisco	ios	15.2\(4a\)ea5	Yes
Operating System	cisco	ios	15.3\(0\)sy	Yes
Operating System	cisco	ios	15.3\(1\)sy	Yes
Operating System	cisco	ios	15.3\(1\)sy1	Yes
Operating System	cisco	ios	15.3\(1\)sy2	Yes
Operating System	cisco	ios	15.3\(3\)ja1n	Yes
Operating System	cisco	ios	15.3\(3\)jf35	Yes
Operating System	cisco	ios	15.3\(3\)ji2	Yes
Operating System	cisco	ios	15.4\(1\)sy	Yes
Operating System	cisco	ios	15.4\(1\)sy1	Yes
Operating System	cisco	ios	15.4\(1\)sy2	Yes
Operating System	cisco	ios	15.4\(1\)sy3	Yes
Operating System	cisco	ios	15.4\(1\)sy4	Yes
Operating System	cisco	ios	15.5\(1\)sy	Yes
Operating System	cisco	ios	15.5\(1\)sy1	Yes
Operating System	cisco	ios	15.5\(1\)sy2	Yes
Operating System	cisco	ios	15.6\(2\)sp3b	Yes

References

http://www.securityfocus.com/bid/107616 Third Party Advisory, VDB Entry ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500 Patch, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/107616 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)