CVE-2019-15998

Published: Nov 26, 2019Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.

Affected (3)

Products: Cisco: Ios Xr

Cisco

1 product

Ios Xr

Configuration A

3 vulnerable · 7 platform

Vulnerable Software	Affected Versions
Cisco Ios Xr	Version 6.5.1
Cisco Ios Xr	Version 6.5.2
Cisco Ios Xr	Version 6.5.3

Running on/with	Platform Versions
Cisco Asr 9001	All versions
Cisco Asr 9006	All versions
Cisco Asr 9010	All versions
Cisco Asr 9901	All versions
Cisco Asr 9904	All versions
Cisco Asr 9912	All versions
Cisco Asr 9922	All versions

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CWE-862

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass

Source: psirt@cisco.com

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.