CVE-2019-1758

{"id": "CVE-2019-1758", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 4.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2019-03-28T01:29:00.453", "references": [{"url": "http://www.securityfocus.com/bid/107616", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500", "tags": ["Patch", "Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n 802.1x del software Cisco IOS en los switches Catalyst 6500 Series podr\u00eda permitir que un atacante adyacente sin autenticar acceda a la red antes de autenticarse. La vulnerabilidad se debe a c\u00f3mo los paquetes 802.1x se manejan en la ruta del proceso. Un atacante podr\u00eda explotar esta vulnerabilidad intentando conectarse a la red en un puerto configurado por 802.1x. Un exploit exitoso podr\u00eda permitir que el atacante obtenga acceso a la red de forma intermitente."}], "lastModified": "2019-10-09T23:47:59.817", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "831B9DB1-8AB9-45A7-8DC4-FD6CED335D88"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F17158D-9CCD-4186-B97D-51242AB92547"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E920061-80A8-41E0-BA64-A20264020C7E"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFB5FB44-0CD9-40E1-80EC-C8CFBA023FD6"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F3509F6-5475-4924-9E5C-4E2E03D65F19"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C60FD51-3FD8-48F4-98EF-FEDAAF9BC52B"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35C1075B-11F3-453C-957D-834C5D6D8CB1"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "115E901C-94B4-4EC7-AA85-03A20CFA90DF"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C97051EE-8C42-4546-8EDC-FAD60B3EE1EB"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB435D9A-FA6C-4CBD-8647-3A61B3DAB338"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14181F4B-9A5C-40B4-BD15-FED694E9AE8E"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B62E402E-5D8B-4261-906C-C5668B4A12BB"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg8a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFFA4F2A-4BE5-4FD5-A3D4-2B28D6A25A53"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07DCF559-9324-4CE1-A986-EF4A174DCEFC"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38CC9728-4E4A-4536-BC81-031AFE1A74E9"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9DECC49-1DF8-4925-9232-04DA748428B2"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B736A1E0-89F4-418C-BC12-7E6A7AC7891F"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BDC0B5A-E59C-454E-AA0E-6EB9C8888480"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2363876E-0E3B-44BA-8157-FA96554302B9"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2D3131A-74F7-4465-826E-5F6C90240C4D"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E0D1E17-9A5C-4B74-B780-F31364FD9F06"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F70ADF53-D937-4CB1-8D17-8B4DB9A5458C"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B0F30A4-C088-4ECC-ABE0-33D4A7BC8D1E"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73B11B78-1936-42CA-919E-BCD1E0C2A397"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A807560F-7111-40AB-BCC8-F3D7A2F92D2D"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEE56D89-5894-49E9-BDCF-E23AE4159989"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC9347AF-7729-44BD-8E33-610D573C560F"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14DC014A-2CDD-4294-8AEB-9C0B437C1633"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svg3d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "379793AF-11E1-4510-B5A0-3705B324669E"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svi1b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29FAF4EA-DCB7-4D81-AB2E-DCCE32EC14FB"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svk4b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C5BF4FA-139A-4789-A9C1-84B6DEFFD300"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svk4c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "009E4B3F-4384-4DBD-9D88-0A191BB92C6B"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svm3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CCBC8E0-C6DC-4F23-A949-073E625505CE"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svn2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D400949D-766A-497B-AC76-6EE81295C0D4"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svo1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2787A781-32EC-4A59-8472-A0A7E3086A4F"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svo2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B853917E-D8E2-4CBD-BB4F-CB447BE052F2"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svp1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82784B3A-A4EA-4BBE-9ACE-BAE4895372CA"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svp2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8FFE62F-6185-4745-ACF4-6657E2A375D6"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(4\\)m12c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A47B1CBB-1604-46BA-84EA-F81197AFA03C"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AE57C85-794E-405B-841F-A806D32C08EB"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy0a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B91687C-A8F8-45FB-BF03-8534E9230AB1"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E082DB05-253F-4C6F-BD0A-524699309D10"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B43D4858-AE1C-4372-97F9-5983EEE6ED4B"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9678A6F2-0624-4A8A-9991-9DADCDDB2687"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9F6D655-D3A3-4BEE-9DEF-19ADD41D1663"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AC0B809-72AD-413F-BE84-73FE2DB33950"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F2834B6-AA9D-4FDC-A228-CED66C799849"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3426024-7199-4B7B-90CB-CE83FD2E0878"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF163F6F-1A6D-4AA9-AAC2-52249BB28421"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B05373F4-E820-4D22-A86A-904854F04C7E"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C38969D-65EB-4C80-BB2A-A1245C4E718B"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A429CFF2-A288-4CD5-9C06-8D18647C67E2"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB3A9655-9E22-4AEA-BBCF-6C0749D0289E"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)ea1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94FD5120-C385-4F16-AB3F-979D851DF8D9"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jn1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B171170-4BBD-4E09-BF5A-6DA3F110C7D2"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4a\\)ea5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "734AA8D5-5BB9-4E1D-B8CB-0A14BADA9EF8"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(0\\)sy:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1724DF49-B5A4-4EA6-8733-1672455BB3BF"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "249D78EB-A125-4731-A41B-62F8302D7246"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E599088-5071-469B-980F-4BA3026856C2"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21F58CEE-636B-460E-91D1-330965FA7FE9"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7590C6F4-D2AF-4B15-A278-8249C5EE6617"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4041C7F-B0C7-4CF0-A77F-84A031424797"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4220D3B1-BD05-4169-91BA-B1AA45084C46"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84BAF351-4C7F-44F8-812E-9C402CBBB5FF"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0595F3D8-8D99-4C82-9EC1-1187C52A6740"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "662ACAD0-7E80-4CB5-8409-03E72A3C59D3"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A43EE852-5F22-4387-8332-A12FF3306210"}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6465E3DA-90F0-4DD6-82B1-C9DF9FAEBDD2"}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "346BD6D0-AAF2-4C9A-8DD3-8C710302DCA1"}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A5B7053-7F9C-432C-B6F1-DAC00B0C9619"}, {"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp3b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1195EA28-E1BA-4D66-BC71-977F93E9E943"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}