CVE-2019-1758
Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability
Severity Score
4.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.
Una vulnerabilidad en la función 802.1x del software Cisco IOS en los switches Catalyst 6500 Series podría permitir que un atacante adyacente sin autenticar acceda a la red antes de autenticarse. La vulnerabilidad se debe a cómo los paquetes 802.1x se manejan en la ruta del proceso. Un atacante podría explotar esta vulnerabilidad intentando conectarse a la red en un puerto configurado por 802.1x. Un exploit exitoso podría permitir que el atacante obtenga acceso a la red de forma intermitente.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-03-28 CVE Published
- 2024-08-17 EPSS Updated
- 2024-11-21 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/107616 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500 | 2019-10-09 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(33\)sxj6 Search vendor "Cisco" for product "Ios" and version "12.2\(33\)sxj6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(33\)sxj7 Search vendor "Cisco" for product "Ios" and version "12.2\(33\)sxj7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(33\)sxj8 Search vendor "Cisco" for product "Ios" and version "12.2\(33\)sxj8" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(33\)sxj9 Search vendor "Cisco" for product "Ios" and version "12.2\(33\)sxj9" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(33\)sxj10 Search vendor "Cisco" for product "Ios" and version "12.2\(33\)sxj10" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(60\)ez12 Search vendor "Cisco" for product "Ios" and version "12.2\(60\)ez12" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy2 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy3 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy4 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy5 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy6 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sg8a Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sg8a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy1 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy2 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy3 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy4 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy4a Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy4a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy5 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy6 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy7 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy8 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy8" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy9 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy9" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy10 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy10" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy11 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy11" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy12 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy12" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy13 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy13" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svg3d Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svg3d" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svi1b Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svi1b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svk4b Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svk4b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svk4c Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svk4c" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svm3 Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svm3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svn2 Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svn2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svo1 Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svo1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svo2 Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svo2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svp1 Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svp1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(3\)svp2 Search vendor "Cisco" for product "Ios" and version "15.1\(3\)svp2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(4\)m12c Search vendor "Cisco" for product "Ios" and version "15.1\(4\)m12c" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy0a Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy0a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy1a Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy1a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy2 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy3 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy4 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy5 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy6 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy7 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(2\)sy Search vendor "Cisco" for product "Ios" and version "15.2\(2\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(2\)sy1 Search vendor "Cisco" for product "Ios" and version "15.2\(2\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(2\)sy2 Search vendor "Cisco" for product "Ios" and version "15.2\(2\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(2\)sy3 Search vendor "Cisco" for product "Ios" and version "15.2\(2\)sy3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(3\)ea1 Search vendor "Cisco" for product "Ios" and version "15.2\(3\)ea1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(4\)jn1 Search vendor "Cisco" for product "Ios" and version "15.2\(4\)jn1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(4a\)ea5 Search vendor "Cisco" for product "Ios" and version "15.2\(4a\)ea5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(0\)sy Search vendor "Cisco" for product "Ios" and version "15.3\(0\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(1\)sy Search vendor "Cisco" for product "Ios" and version "15.3\(1\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.3\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(1\)sy2 Search vendor "Cisco" for product "Ios" and version "15.3\(1\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(3\)ja1n Search vendor "Cisco" for product "Ios" and version "15.3\(3\)ja1n" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(3\)jf35 Search vendor "Cisco" for product "Ios" and version "15.3\(3\)jf35" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(3\)ji2 Search vendor "Cisco" for product "Ios" and version "15.3\(3\)ji2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.4\(1\)sy Search vendor "Cisco" for product "Ios" and version "15.4\(1\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.4\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.4\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.4\(1\)sy2 Search vendor "Cisco" for product "Ios" and version "15.4\(1\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.4\(1\)sy3 Search vendor "Cisco" for product "Ios" and version "15.4\(1\)sy3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.4\(1\)sy4 Search vendor "Cisco" for product "Ios" and version "15.4\(1\)sy4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.5\(1\)sy Search vendor "Cisco" for product "Ios" and version "15.5\(1\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.5\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.5\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.5\(1\)sy2 Search vendor "Cisco" for product "Ios" and version "15.5\(1\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.6\(2\)sp3b Search vendor "Cisco" for product "Ios" and version "15.6\(2\)sp3b" | - |
Affected
| ||||||