Lucene search

CiscoCISCO-SA-20190327-C6500

HistoryMar 27, 2019 - 4:00 p.m.

Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability

2019-03-2716:00:00

tools.cisco.com

0.001 Low

EPSS

Percentile

23.1%

JSON

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication.

The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-c6500”]

Affected configurations

Vulners

Node

ciscoiosMatch12.2ez

ciscoiosMatch12.2sxj

ciscoiosMatch15.1sy

ciscoiosMatch15.2sy

ciscoiosMatch15.3sy

ciscoiosMatch15.4sy

ciscoiosMatch15.5sy

ciscoiosMatch12.2\(60\)ez15

ciscoiosMatch12.2\(33\)sxj6

ciscoiosMatch12.2\(33\)sxj7

ciscoiosMatch12.2\(33\)sxj8

ciscoiosMatch12.2\(33\)sxj9

ciscoiosMatch12.2\(33\)sxj10

ciscoiosMatch15.1\(1\)sy1

ciscoiosMatch15.1\(2\)sy

ciscoiosMatch15.1\(2\)sy1

ciscoiosMatch15.1\(2\)sy2

ciscoiosMatch15.1\(1\)sy2

ciscoiosMatch15.1\(1\)sy3

ciscoiosMatch15.1\(2\)sy3

ciscoiosMatch15.1\(1\)sy4

ciscoiosMatch15.1\(2\)sy4

ciscoiosMatch15.1\(1\)sy5

ciscoiosMatch15.1\(2\)sy5

ciscoiosMatch15.1\(2\)sy4a

ciscoiosMatch15.1\(1\)sy6

ciscoiosMatch15.1\(2\)sy6

ciscoiosMatch15.1\(2\)sy7

ciscoiosMatch15.1\(2\)sy8

ciscoiosMatch15.1\(2\)sy9

ciscoiosMatch15.1\(2\)sy10

ciscoiosMatch15.1\(2\)sy11

ciscoiosMatch15.1\(2\)sy12

ciscoiosMatch15.1\(2\)sy13

ciscoiosMatch15.2\(1\)sy

ciscoiosMatch15.2\(1\)sy1

ciscoiosMatch15.2\(1\)sy0a

ciscoiosMatch15.2\(1\)sy2

ciscoiosMatch15.2\(2\)sy

ciscoiosMatch15.2\(1\)sy1a

ciscoiosMatch15.2\(2\)sy1

ciscoiosMatch15.2\(2\)sy2

ciscoiosMatch15.2\(1\)sy3

ciscoiosMatch15.2\(1\)sy4

ciscoiosMatch15.2\(2\)sy3

ciscoiosMatch15.2\(1\)sy5

ciscoiosMatch15.2\(1\)sy6

ciscoiosMatch15.2\(1\)sy7

ciscoiosMatch15.3\(1\)sy

ciscoiosMatch15.3\(0\)sy

ciscoiosMatch15.3\(1\)sy1

ciscoiosMatch15.3\(1\)sy2

ciscoiosMatch15.4\(1\)sy

ciscoiosMatch15.4\(1\)sy1

ciscoiosMatch15.4\(1\)sy2

ciscoiosMatch15.4\(1\)sy3

ciscoiosMatch15.4\(1\)sy4

ciscoiosMatch15.5\(1\)sy

ciscoiosMatch15.5\(1\)sy1

ciscoiosMatch15.5\(1\)sy2

CPENameOperatorVersion
ioseq12.2EZ
ioseq12.2SXJ
ioseq15.1SY
ioseq15.2SY
ioseq15.3SY
ioseq15.4SY
ioseq15.5SY
cisco ioseq12.2(60)EZ15
cisco ioseq12.2(33)SXJ6
cisco ioseq12.2(33)SXJ7