Vulnslist

find the latest Cisco vulnerabilities

Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability

cisco-sa-20191120-iosxr-ssh-bypass · Medium · Published · Updated

A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2019-15998
Cisco Bug IDsCSCvp91299
CVSS ScoreBase 5.3
Base 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco IOS XR Software

CSAF Product Statuses

Product Status Source CVE Rows
Cisco IOS XR Software known_affected cisco_csaf CVE-2019-15998 1

Related Products

Product CVE Evidence
Cisco IOS XR Software CVE-2019-15998 Cisco OpenVuln
Cisco IOS CVE-2019-15998 Cisco OpenVuln
Cisco IOS Software CVE-2019-15998 Cisco OpenVuln