ID

VAR-201906-0681


CVE

CVE-2019-1842


TITLE

Cisco IOS XR Authorization vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-005275

DESCRIPTION

A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information. Cisco IOS XR There is an authorization vulnerability in the software.Information may be obtained and information may be altered. An attacker can exploit this issue to gain unauthorized access, perform unintended actions and cause denial-of-service conditions. This may lead to further attacks. This issue is being tracked by Cisco Bug ID CSCvo03672. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products

Trust: 1.98

sources: NVD: CVE-2019-1842 // JVNDB: JVNDB-2019-005275 // BID: 108687 // VULHUB: VHN-150764

AFFECTED PRODUCTS

vendor:ciscomodel:ios xrscope:eqversion:6.4.2.tools

Trust: 1.0

vendor:ciscomodel:ios xrscope:eqversion:6.1.3.tools

Trust: 1.0

vendor:ciscomodel:ios xrscope:eqversion:6.2.3.tools

Trust: 1.0

vendor:ciscomodel:ios xrscope:eqversion:6.1.2.tools

Trust: 1.0

vendor:ciscomodel:ios xrscope: - version: -

Trust: 0.8

vendor:ciscomodel:network convergence systemscope:eqversion:55080

Trust: 0.3

vendor:ciscomodel:ncs 8-slot chassisscope:eqversion:6008-0

Trust: 0.3

vendor:ciscomodel:ios xr softwarescope:eqversion:6.5.2

Trust: 0.3

vendor:ciscomodel:ios xr softwarescope:eqversion:6.5

Trust: 0.3

vendor:ciscomodel:ios xr softwarescope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:carrier routing systemscope:eqversion: -

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:99220

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:99120

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:99100

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:99060

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:99040

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:99010

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:90100

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:90060

Trust: 0.3

vendor:ciscomodel:asr routerscope:eqversion:90010

Trust: 0.3

vendor:ciscomodel:ios xr softwarescope:neversion:7.0

Trust: 0.3

vendor:ciscomodel:ios xr softwarescope:neversion:6.6.2

Trust: 0.3

vendor:ciscomodel:ios xr softwarescope:neversion:6.5.3

Trust: 0.3

sources: BID: 108687 // JVNDB: JVNDB-2019-005275 // NVD: CVE-2019-1842

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1842
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1842
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1842
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201906-163
value: MEDIUM

Trust: 0.6

VULHUB: VHN-150764
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1842
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-150764
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1842
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.5
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1842
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.5
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-150764 // JVNDB: JVNDB-2019-005275 // CNNVD: CNNVD-201906-163 // NVD: CVE-2019-1842 // NVD: CVE-2019-1842

PROBLEMTYPE DATA

problemtype:CWE-285

Trust: 1.9

problemtype:CWE-287

Trust: 1.1

sources: VULHUB: VHN-150764 // JVNDB: JVNDB-2019-005275 // NVD: CVE-2019-1842

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201906-163

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201906-163

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005275

PATCH

title:cisco-sa-20190605-iosxr-sshurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh

Trust: 0.8

title:Cisco IOS XR Remediation measures for authorization problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93255

Trust: 0.6

sources: JVNDB: JVNDB-2019-005275 // CNNVD: CNNVD-201906-163

EXTERNAL IDS

db:NVDid:CVE-2019-1842

Trust: 2.8

db:BIDid:108687

Trust: 2.0

db:JVNDBid:JVNDB-2019-005275

Trust: 0.8

db:CNNVDid:CNNVD-201906-163

Trust: 0.7

db:AUSCERTid:ESB-2019.2024

Trust: 0.6

db:VULHUBid:VHN-150764

Trust: 0.1

sources: VULHUB: VHN-150764 // BID: 108687 // JVNDB: JVNDB-2019-005275 // CNNVD: CNNVD-201906-163 // NVD: CVE-2019-1842

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190605-iosxr-ssh

Trust: 2.6

url:http://www.securityfocus.com/bid/108687

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-1842

Trust: 1.4

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1842

Trust: 0.8

url:https://vigilance.fr/vulnerability/cisco-ios-xr-information-disclosure-via-ssh-double-authentication-29476

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.2024/

Trust: 0.6

sources: VULHUB: VHN-150764 // BID: 108687 // JVNDB: JVNDB-2019-005275 // CNNVD: CNNVD-201906-163 // NVD: CVE-2019-1842

CREDITS

Adam Haleen of Cellcom Wireless

Trust: 0.9

sources: BID: 108687 // CNNVD: CNNVD-201906-163

SOURCES

db:VULHUBid:VHN-150764
db:BIDid:108687
db:JVNDBid:JVNDB-2019-005275
db:CNNVDid:CNNVD-201906-163
db:NVDid:CVE-2019-1842

LAST UPDATE DATE

2024-08-14T15:38:52.756000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-150764date:2020-10-16T00:00:00
db:BIDid:108687date:2019-06-05T00:00:00
db:JVNDBid:JVNDB-2019-005275date:2019-06-18T00:00:00
db:CNNVDid:CNNVD-201906-163date:2020-10-19T00:00:00
db:NVDid:CVE-2019-1842date:2020-10-16T15:41:44.930

SOURCES RELEASE DATE

db:VULHUBid:VHN-150764date:2019-06-05T00:00:00
db:BIDid:108687date:2019-06-05T00:00:00
db:JVNDBid:JVNDB-2019-005275date:2019-06-18T00:00:00
db:CNNVDid:CNNVD-201906-163date:2019-06-05T00:00:00
db:NVDid:CVE-2019-1842date:2019-06-05T17:29:00.430