CVE-2019-1842

Current Description

A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information.

Basic Data

Published: June 05, 2019
Last Modified: June 10, 2019
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-285
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:S/C:P/I:P/A:N
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: SINGLE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Availability Impact: NONE
CVSS 2 - Base Score: 5.5
Severity: MEDIUM
Exploitability Score: 8.0
Impact Score: 4.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

CVSS 3 - Version: 3.0
CVSS 3 - Vector String: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVSS 3 - Attack Vector: NETWORK
CVSS 3 - Attack Complexity: LOW
CVSS 3 - Privileges Required: LOW
CVSS 3 - User Interaction: NONE
CVSS 3 - Scope: UNCHANGED
CVSS 3 - Confidentiality Impact: LOW
CVSS 3 - Integrity Impact: LOW
CVSS 3 - Availability Impact: NONE
CVSS 3 - Base Score: 5.4
CVSS 3 - Base Severity: MEDIUM
Exploitability Score: 2.8
Base Severity: MEDIUM

Configurations

  • AND
    • OR - Configuration 1
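      | Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
      |---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
      | 2.3 | OS | Cisco | Ios Xr Firmware | 6.1.2.tools | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Cisco | Ios Xr Firmware | 6.1.3.tools | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Cisco | Ios Xr Firmware | 6.2.3.tools | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Cisco | Ios Xr Firmware | 6.4.2.tools | * | * | * | * | * | * | * | | | | |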
    • OR Running on/with:
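      | Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
      |---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
      | 2.3 | Hardware | Cisco | Asr 9001 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Asr 9006 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Asr 9010 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Asr 9901 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Asr 9904 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Asr 9906 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Asr 9910 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Asr 9912 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Asr 9922 | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 16-slot Line Card Chassis | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 16-slot Single-shelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 4-slot Single-shelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 8-slot Line Card Chassis | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 8-slot Single-shelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 Fabric Card Chassis | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 Line Card Chassis (dual) | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 Line Card Chassis (multi) | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-1 Multishelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-3 16-slot Single-shelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-3 4-slot Single-shelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-3 8-slot Single-shelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-3 Multishelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-8/s-b Crs | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-8/scrs | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-x 16-slot Single-shelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Crs-x Multishelf System | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Ncs 6008-8-slot Chassis | - | * | * | * | * | * | * | * | | | | |
      | 2.3 | Hardware | Cisco | Network Convergence System 5508 | - | * | * | * | * | * | * | * | | | | |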

Vulnerable Software List

| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xr Firmware | 6.1.2.tools, 6.1.3.tools, 6.2.3.tools, 6.4.2.tools |

References

| Name | Source | URL | Tags |
|---|---|---|---|
| 108687 | BID | http://www.securityfocus.com/bid/108687 | |
| 20190605 Cisco IOS XR Software Secure Shell Authentication Vulnerability | CISCO | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh | Vendor Advisory |