Details of VAR-201903-0565

ID

VAR-201903-0565

CVE

CVE-2019-1757

TITLE

Cisco IOS and IOS XE Certificate validation vulnerability in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-002961

DESCRIPTION

A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software. Cisco IOS and IOS XE There is a certificate validation vulnerability in the software.Information may be obtained. This issue is being tracked by Cisco Bug ID CSCvg83741

Trust: 1.98

sources: NVD: CVE-2019-1757 // JVNDB: JVNDB-2019-002961 // BID: 107617 // VULHUB: VHN-149829

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	2.3	Trust: 1.3
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4s\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)sn3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5be	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svn2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1csp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.2e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp3b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3bsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.4e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svi1b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4p\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s6a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)jaz1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.4sp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jda15	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1hsp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7bs	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1sp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svo1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(4\)sn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4m\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4cs	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja1n	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(7\)sn	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.6e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5a\)e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1isp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m3a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(6\)i1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4o\)e3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.4s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.5e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(25e\)jap2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4s\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.0s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svo2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s6b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(25e\)jap26	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2sp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5a\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4ds	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(25e\)jap1m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(4\)m12c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4q\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.6e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4n\)e2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svg3d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4es	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1d	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)ea1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg8a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.3e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea9	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t0a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4a\)ea5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)jn1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4bs	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4m\)e3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5c\)e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3asp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf35	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(5\)sn	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4gs	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0ce	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e5b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e2c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.5e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1bsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.8e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)sn1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)ea	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)sn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e0c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e7b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0sp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5b\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svm3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)sn2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd15	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4o\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(6\)sn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ji	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ji2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(25e\)jaz1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e2b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1gsp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.5ae	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)sn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svp1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3

sources: BID: 107617 // JVNDB: JVNDB-2019-002961 // NVD: CVE-2019-1757

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1757
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1757
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201903-1067
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-149829
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1757
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-149829
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1757
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2019-1757
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-149829 // JVNDB: JVNDB-2019-002961 // CNNVD: CNNVD-201903-1067 // NVD: CVE-2019-1757

PROBLEMTYPE DATA

problemtype:

CWE-295

Trust: 1.9

sources: VULHUB: VHN-149829 // JVNDB: JVNDB-2019-002961 // NVD: CVE-2019-1757

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201903-1067

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201903-1067

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-002961

PATCH

title:	cisco-sa-20190327-call-home-cert	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-call-home-cert	Trust: 0.8
title:	Cisco IOS and IOS XE Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90485	Trust: 0.6

sources: JVNDB: JVNDB-2019-002961 // CNNVD: CNNVD-201903-1067

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1757	Trust: 2.8
db:	BID	id:	107617	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-002961	Trust: 0.8
db:	CNNVD	id:	CNNVD-201903-1067	Trust: 0.7
db:	NSFOCUS	id:	43604	Trust: 0.6
db:	VULHUB	id:	VHN-149829	Trust: 0.1

sources: VULHUB: VHN-149829 // BID: 107617 // JVNDB: JVNDB-2019-002961 // CNNVD: CNNVD-201903-1067 // NVD: CVE-2019-1757

REFERENCES

url:	http://www.securityfocus.com/bid/107617	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190327-call-home-cert	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1757	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1757	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/43604	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-28888	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-149829 // BID: 107617 // JVNDB: JVNDB-2019-002961 // CNNVD: CNNVD-201903-1067 // NVD: CVE-2019-1757

CREDITS

Cisco ?? ??,Cisco

Trust: 0.6

sources: CNNVD: CNNVD-201903-1067

SOURCES

db:	VULHUB	id:	VHN-149829
db:	BID	id:	107617
db:	JVNDB	id:	JVNDB-2019-002961
db:	CNNVD	id:	CNNVD-201903-1067
db:	NVD	id:	CVE-2019-1757

LAST UPDATE DATE

2024-08-14T14:04:35.994000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149829	date:	2019-10-09T00:00:00
db:	BID	id:	107617	date:	2019-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2019-002961	date:	2019-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201903-1067	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2019-1757	date:	2024-03-04T22:59:52.460

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149829	date:	2019-03-28T00:00:00
db:	BID	id:	107617	date:	2019-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2019-002961	date:	2019-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201903-1067	date:	2019-03-27T00:00:00
db:	NVD	id:	CVE-2019-1757	date:	2019-03-28T01:29:00.423