CVE-2019-1659
Cisco Prime Infrastructure Certificate Validation Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer (SSL) tunnel established between ISE and PI. The vulnerability is due to improper validation of the server SSL certificate when establishing the SSL tunnel with ISE. An attacker could exploit this vulnerability by using a crafted SSL certificate and could then intercept communications between the ISE and PI. A successful exploit could allow the attacker to view and alter potentially sensitive information that the ISE maintains about clients that are connected to the network. This vulnerability affects Cisco Prime Infrastructure Software Releases 2.2 through 3.4.0 when the PI server is integrated with ISE, which is disabled by default.
Una vulnerabilidad en la funcionalidad de integración del motor de servicios de identidad (ISE) de Cisco Prime Infrastructure (PI) podría permitir a un atacante remoto no autenticado realizar un ataque Man-in-the-Middle (MitM) contra el túnel SSL establecido entre el ISE y la PI. Esta vulnerabilidad se debe a una validación incorrecta del certificado SSL cuando se establece el túnel SSL con el ISE. Un atacante podría explotar esta vulnerabilidad utilizando un certificado SSL manipulado y posteriormente podría interceptar las comunicaciones entre el ISE y la PI. Su explotación exitosa podría permitir al atacante visualizar y modificar información potencialmente sensible mantenida por el ISE sobre los clientes que se encuentran conectados a la red. Esta vulnerabilidad afecta a Cisco Prime Infrastructure Software, en sus distribuciones 2.2 hasta la 3.4.0, cuando el servidor PI se integra con el ISE, lo que está deshabilitado por defecto.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2018-12-06 CVE Reserved
- 2019-02-21 CVE Published
- 2023-03-07 EPSS Updated
- 2024-11-20 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/107092 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure" | >= 2.2 <= 3.4.0 Search vendor "Cisco" for product "Prime Infrastructure" and version " >= 2.2 <= 3.4.0" | - |
Affected
|