Lucene search

CiscoCVE-2019-15998

HistoryNov 26, 2019 - 4:15 a.m.

CVE-2019-15998

2019-11-2604:15:12

CWE-862

CWE-284

cisco

web.nvd.nist.gov

cisco

ios xr software

vulnerability

access control

netconf

ssh

cve-2019-15998

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

27.0%

JSON

A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.

Affected configurations

Nvd

Node

ciscoios_xrMatch6.5.1

ciscoios_xrMatch6.5.2

ciscoios_xrMatch6.5.3

AND

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9901Match-

ciscoasr_9904Match-

ciscoasr_9912Match-

ciscoasr_9922Match-

VendorProductVersionCPE
ciscoios_xr6.5.1cpe:2.3:o:cisco:ios_xr:6.5.1:*:*:*:*:*:*:*
ciscoios_xr6.5.2cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*
ciscoios_xr6.5.3cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*
ciscoasr_9001-cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*
ciscoasr_9006-cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*
ciscoasr_9010-cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*
ciscoasr_9901-cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*
ciscoasr_9904-cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*
ciscoasr_9912-cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*
ciscoasr_9922-cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xr	6.5.1	cpe:2.3:o:cisco:ios_xr:6.5.1:::::::*
cisco	ios_xr	6.5.2	cpe:2.3:o:cisco:ios_xr:6.5.2:::::::*
cisco	ios_xr	6.5.3	cpe:2.3:o:cisco:ios_xr:6.5.3:::::::*
cisco	asr_9001	-	cpe:2.3:h:cisco:asr_9001:-:::::::*
cisco	asr_9006	-	cpe:2.3:h:cisco:asr_9006:-:::::::*
cisco	asr_9010	-	cpe:2.3:h:cisco:asr_9010:-:::::::*
cisco	asr_9901	-	cpe:2.3:h:cisco:asr_9901:-:::::::*
cisco	asr_9904	-	cpe:2.3:h:cisco:asr_9904:-:::::::*
cisco	asr_9912	-	cpe:2.3:h:cisco:asr_9912:-:::::::*
cisco	asr_9922	-	cpe:2.3:h:cisco:asr_9922:-:::::::*

CNA Affected

[
  {
    "product": "Cisco IOS XR Software",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

27.0%

JSON

Related for CVE-2019-15998