CVE-2019-1950 - Vulnerability Details

A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. The vulnerability is due to the existence of default credentials within the default configuration of an affected device. An attacker who has access to an affected device could log in with elevated privileges. A successful exploit could allow the attacker to take complete control of the device. This vulnerability affects Cisco devices that are running Cisco IOS XE SD-WAN Software releases 16.11 and earlier.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.0036.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	1100-4p Integrated Services Router 1100-8p Integrated Services Router 1101-4p Integrated Services Router 1109-2p Integrated Services Router 1109-4p Integrated Services Router 1111x-8p Integrated Services Router 4221 Integrated Services Router 4331 Integrated Services Router 4431 Integrated Services Router 4461 Integrated Services Router Asr 1000-x Asr 1001-hx Asr 1002-hx Asr 1002-x Asr 1004 Asr 1006 Asr 1006-x Asr 1009-x Asr 1013 Csr1000v Ios Xe Ir1101 Nexus 56128p Nexus 5624q Nexus 5648q Nexus 5672up Nexus 5672up-16g Nexus 5696q Ucs-e1120d-m3 Ucs-e140s-m2 Ucs-e160d-m2 Ucs-e160s-m3 Ucs-e180d-m2 Ucs-e180d-m3

Configuration 1 [-]

AND

cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4221_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4331_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4431_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4461_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:asr_1000-x:-:::::::*
	cpe:2.3:h:cisco:asr_1001-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1002-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1002-x:-:::::::*
	cpe:2.3:h:cisco:asr_1004:-:::::::*
	cpe:2.3:h:cisco:asr_1006:-:::::::*
	cpe:2.3:h:cisco:asr_1006-x:-:::::::*
	cpe:2.3:h:cisco:asr_1009-x:-:::::::*
	cpe:2.3:h:cisco:asr_1013:-:::::::*
	cpe:2.3:h:cisco:csr1000v:-:::::::*
	cpe:2.3:h:cisco:ir1101:-:::::::*
	cpe:2.3:h:cisco:nexus_56128p:-:::::::*
	cpe:2.3:h:cisco:nexus_5624q:-:::::::*
	cpe:2.3:h:cisco:nexus_5648q:-:::::::*
	cpe:2.3:h:cisco:nexus_5672up:-:::::::*
	cpe:2.3:h:cisco:nexus_5672up-16g:-:::::::*
	cpe:2.3:h:cisco:nexus_5696q:-:::::::*
	cpe:2.3:h:cisco:ucs-e1120d-m3:-:::::::*
	cpe:2.3:h:cisco:ucs-e140s-m2:-:::::::*
	cpe:2.3:h:cisco:ucs-e160d-m2:-:::::::*
	cpe:2.3:h:cisco:ucs-e160s-m3:-:::::::*
	cpe:2.3:h:cisco:ucs-e180d-m2:-:::::::*
	cpe:2.3:h:cisco:ucs-e180d-m3:-:::::::*

No data.

Fixes

Solution

Cisco fixed this vulnerability in Cisco IOS XE SD-WAN Software Release 16.12.1.

Workaround

To check for the presence of default credentials, customers can use the show running-configuration | include username admin command within the Cisco IOS XE SD-WAN Software command line. To remove the default credentials, customers can use the config-transaction and no username admin commands.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-cred-EVGSF259

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-02-19T19:55:12.864840Z

Updated: 2024-11-15T17:39:14.041Z

Reserved: 2018-12-06T00:00:00

Link: CVE-2019-1950

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-02-19T20:15:14.410

Modified: 2024-11-21T04:37:45.133

Link: CVE-2019-1950

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object