ID

VAR-201909-0178


CVE

CVE-2019-12664


TITLE

Cisco IOS XE Software authentication vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2019-010293

DESCRIPTION

A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers (ISRs) could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP authentication. The vulnerability is due to insufficient validation of the state of the PPP IP Control Protocol (IPCP). An attacker could exploit this vulnerability by making an ISDN call to an affected device and sending traffic through the ISDN channel prior to successful PPP authentication. Alternatively, an unauthenticated, remote attacker could exploit this vulnerability by sending traffic through an affected device that is configured to exit via an ISDN connection for which both the Dialer interface and the Basic Rate Interface (BRI) have been configured, but the Challenge Handshake Authentication Protocol (CHAP) password for PPP does not match the remote end. A successful exploit could allow the attacker to pass IPv4 traffic through an unauthenticated ISDN connection for a few seconds, from initial ISDN call setup until PPP authentication fails. Cisco IOS XE There is an authentication vulnerability in the software.Information may be tampered with. Cisco 4000 Series Integrated Services Routers is a 4000 series enterprise-class multi-service router produced by Cisco (Cisco)

Trust: 1.71

sources: NVD: CVE-2019-12664 // JVNDB: JVNDB-2019-010293 // VULHUB: VHN-144433

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.6.4

Trust: 1.6

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:isr 4351scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:isr 4331scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:isr 4321scope:eqversion: -

Trust: 0.6

sources: JVNDB: JVNDB-2019-010293 // CNNVD: CNNVD-201909-1137 // NVD: CVE-2019-12664

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-12664
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12664
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-12664
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201909-1137
value: MEDIUM

Trust: 0.6

VULHUB: VHN-144433
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-12664
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-144433
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-12664
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-12664
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: CVE-2019-12664
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-144433 // JVNDB: JVNDB-2019-010293 // CNNVD: CNNVD-201909-1137 // NVD: CVE-2019-12664 // NVD: CVE-2019-12664

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

problemtype:CWE-200

Trust: 1.0

sources: VULHUB: VHN-144433 // JVNDB: JVNDB-2019-010293 // NVD: CVE-2019-12664

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201909-1137

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010293

PATCH

title:cisco-sa-20190925-isdn-data-leakurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-isdn-data-leak

Trust: 0.8

title:Cisco 4000 Series Integrated Services Routers IOS XE Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98555

Trust: 0.6

sources: JVNDB: JVNDB-2019-010293 // CNNVD: CNNVD-201909-1137

EXTERNAL IDS

db:NVDid:CVE-2019-12664

Trust: 2.5

db:JVNDBid:JVNDB-2019-010293

Trust: 0.8

db:CNNVDid:CNNVD-201909-1137

Trust: 0.7

db:AUSCERTid:ESB-2019.3615.2

Trust: 0.6

db:AUSCERTid:ESB-2019.3615

Trust: 0.6

db:VULHUBid:VHN-144433

Trust: 0.1

sources: VULHUB: VHN-144433 // JVNDB: JVNDB-2019-010293 // CNNVD: CNNVD-201909-1137 // NVD: CVE-2019-12664

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-isdn-data-leak

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-12664

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12664

Trust: 0.8

url:https://vigilance.fr/vulnerability/cisco-ios-xe-privilege-escalation-via-isdn-data-leak-30434

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3615.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3615/

Trust: 0.6

sources: VULHUB: VHN-144433 // JVNDB: JVNDB-2019-010293 // CNNVD: CNNVD-201909-1137 // NVD: CVE-2019-12664

SOURCES

db:VULHUBid:VHN-144433
db:JVNDBid:JVNDB-2019-010293
db:CNNVDid:CNNVD-201909-1137
db:NVDid:CVE-2019-12664

LAST UPDATE DATE

2024-08-14T13:25:56.942000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-144433date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2019-010293date:2019-10-10T00:00:00
db:CNNVDid:CNNVD-201909-1137date:2019-10-15T00:00:00
db:NVDid:CVE-2019-12664date:2023-05-22T18:57:24.750

SOURCES RELEASE DATE

db:VULHUBid:VHN-144433date:2019-09-25T00:00:00
db:JVNDBid:JVNDB-2019-010293date:2019-10-10T00:00:00
db:CNNVDid:CNNVD-201909-1137date:2019-09-25T00:00:00
db:NVDid:CVE-2019-12664date:2019-09-25T21:15:11.343