3 matches found
Cisco IOS Authentication Bypass (CVE-2019-12643)
An authentication bypass vulnerability exists in the Cisco REST API Software. This vulnerability is due to a debugging API endpoint being enabled by default in the management of the REST API authentication service. Successful exploitation of this vulnerability could lead to an authentication bypa...
Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)
Cisco published an update for Cisco IOS XE operating system to patch a critical vulnerability that could allow a remote attacker to bypass authentication on devices running an outdated version of Cisco REST API virtual service container. The security issue is tracked as CVE-2019-12643 and has...
CVE-2019-12643
The CVE-2019-12643 issue affects the Cisco REST API virtual service container used with Cisco IOS XE Software. Root cause: an improper check in the REST API authentication service allows bypassing authentication, enabling an unauthenticated, remote attacker to obtain the token-id of an authentica...