CVE-2019-1758

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.

Published: Mar 28, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-1758
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CVSS v2:

Severity: Low
Score: 3.3
AV:A/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
cisco / ios	15.1(2)sy10	15.1(2)sy10.x
cisco / ios	15.2(2)sy	15.2(2)sy.x
cisco / ios	12.2(33)sxj8	12.2(33)sxj8.x
cisco / ios	15.2(1)sy1a	15.2(1)sy1a.x
cisco / ios	15.2(1)sy	15.2(1)sy.x
cisco / ios	15.4(1)sy	15.4(1)sy.x
cisco / ios	15.1(2)sy3	15.1(2)sy3.x
cisco / ios	12.2(33)sxj6	12.2(33)sxj6.x
cisco / ios	15.1(1)sy4	15.1(1)sy4.x
cisco / ios	15.1(2)sy	15.1(2)sy.x
cisco / ios	15.2(1)sy3	15.2(1)sy3.x
cisco / ios	15.1(2)sy1	15.1(2)sy1.x
cisco / ios	15.1(1)sy6	15.1(1)sy6.x
cisco / ios	15.3(3)ja1n	15.3(3)ja1n.x
cisco / ios	15.2(1)sy2	15.2(1)sy2.x
cisco / ios	15.1(2)sy6	15.1(2)sy6.x
cisco / ios	12.2(33)sxj9	12.2(33)sxj9.x
cisco / ios	15.3(1)sy1	15.3(1)sy1.x
cisco / ios	15.3(1)sy2	15.3(1)sy2.x
cisco / ios	15.3(1)sy	15.3(1)sy.x
cisco / ios	15.4(1)sy2	15.4(1)sy2.x
cisco / ios	15.1(2)sy7	15.1(2)sy7.x
cisco / ios	15.1(2)sy8	15.1(2)sy8.x
cisco / ios	15.2(2)sy1	15.2(2)sy1.x
cisco / ios	15.2(1)sy4	15.2(1)sy4.x
cisco / ios	15.4(1)sy1	15.4(1)sy1.x
cisco / ios	15.1(1)sy1	15.1(1)sy1.x
cisco / ios	15.1(1)sy5	15.1(1)sy5.x
cisco / ios	15.1(2)sy11	15.1(2)sy11.x
cisco / ios	12.2(33)sxj10	12.2(33)sxj10.x
cisco / ios	15.1(2)sy4a	15.1(2)sy4a.x
cisco / ios	15.1(2)sy2	15.1(2)sy2.x
cisco / ios	15.2(2)sy2	15.2(2)sy2.x
cisco / ios	15.5(1)sy	15.5(1)sy.x
cisco / ios	15.1(2)sy4	15.1(2)sy4.x
cisco / ios	15.1(2)sy5	15.1(2)sy5.x
cisco / ios	15.2(1)sy1	15.2(1)sy1.x
cisco / ios	15.1(1)sy3	15.1(1)sy3.x
cisco / ios	15.2(1)sy0a	15.2(1)sy0a.x
cisco / ios	15.1(1)sy2	15.1(1)sy2.x
cisco / ios	12.2(33)sxj7	12.2(33)sxj7.x
cisco / ios	15.2(4)jn1	15.2(4)jn1.x
cisco / ios	15.5(1)sy1	15.5(1)sy1.x
cisco / ios	15.1(2)sy9	15.1(2)sy9.x
cisco / ios	15.2(2)sy3	15.2(2)sy3.x
cisco / ios	15.1(3)svo2	15.1(3)svo2.x
cisco / ios	15.4(1)sy3	15.4(1)sy3.x
cisco / ios	15.1(3)svk4c	15.1(3)svk4c.x
cisco / ios	15.3(0)sy	15.3(0)sy.x
cisco / ios	15.2(1)sy5	15.2(1)sy5.x
cisco / ios	15.1(3)svp1	15.1(3)svp1.x
cisco / ios	15.6(2)sp3b	15.6(2)sp3b.x
cisco / ios	15.2(3)ea1	15.2(3)ea1.x
cisco / ios	15.2(4a)ea5	15.2(4a)ea5.x
cisco / ios	15.1(3)svk4b	15.1(3)svk4b.x
cisco / ios	15.1(2)sg8a	15.1(2)sg8a.x
cisco / ios	15.1(4)m12c	15.1(4)m12c.x
cisco / ios	15.1(3)svg3d	15.1(3)svg3d.x
cisco / ios	15.1(3)svn2	15.1(3)svn2.x
cisco / ios	15.1(3)svi1b	15.1(3)svi1b.x
cisco / ios	15.3(3)jf35	15.3(3)jf35.x
cisco / ios	15.1(3)svo1	15.1(3)svo1.x
cisco / ios	15.1(3)svm3	15.1(3)svm3.x
cisco / ios	15.3(3)ji2	15.3(3)ji2.x
cisco / ios	15.2(1)sy7	15.2(1)sy7.x
cisco / ios	15.2(1)sy6	15.2(1)sy6.x
cisco / ios	15.1(3)svp2	15.1(3)svp2.x
cisco / ios	15.1(2)sy13	15.1(2)sy13.x
cisco / ios	15.5(1)sy2	15.5(1)sy2.x
cisco / ios	15.1(2)sy12	15.1(2)sy12.x
cisco / ios	12.2(60)ez12	12.2(60)ez12.x
cisco / ios	15.4(1)sy4	15.4(1)sy4.x

Vulnerability Database

289,599

CVE-2019-1758