CVE-2019-1950
Cisco IOS XE SD-WAN Software Default Credentials Vulnerability
Public Exploits: 0
Exploited in Wild: -
Descriptions
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. The vulnerability is due to the existence of default credentials within the default configuration of an affected device. An attacker who has access to an affected device could log in with elevated privileges. A successful exploit could allow the attacker to take complete control of the device. This vulnerability affects Cisco devices that are running Cisco IOS XE SD-WAN Software releases 16.11 and earlier.
A vulnerability in the firmware of Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improper validation of the server firmware upgrade images. An attacker could exploit this vulnerability by installing a server firmware version that would allow the attacker to disable UEFI Secure Boot. A successful exploit could allow the attacker to bypass the signature validation checks that are done by UEFI Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.
CVSS Scores
SSVC
- Decision: Track*
Timeline
- 2018-12-06 CVE Reserved
- 2020-02-19 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-15 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-255: Credentials Management Errors
- CWE-1188: Initialization of a Resource with an Insecure Default
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 1100-4p Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 1100-8p Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 1101-4p Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 1109-2p Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 1109-4p Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 1111x-8p Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 4221 Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 4331 Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 4431 Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | 4461 Integrated Services Router | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1000-x | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1001-hx | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1002-hx | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1002-x | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1004 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1006 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1006-x | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1009-x | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Asr 1013 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Csr1000v | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Ir1101 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Nexus 56128p | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Nexus 5624q | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Nexus 5648q | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Nexus 5672up | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Nexus 5672up-16g | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Nexus 5696q | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Ucs-e1120d-m3 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Ucs-e140s-m2 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Ucs-e160d-m2 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Ucs-e160s-m3 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Ucs-e180d-m2 | - | - | Safe |
Cisco | Ios Xe | <= 16.11 | - | Affected | in | Cisco | Ucs-e180d-m3 | - | - | Safe |