CVE-2019-1675

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name and password to access the CLI. A successful exploit could allow the attacker to reboot the device repeatedly, creating a denial of service (DoS) condition. It is not possible to change the configuration or view sensitive data with this account. Versions prior to DNAC1.2.8 are affected.

CVSS v3 7.5 HIGH
CVSS v2.0 7.8 HIGH

7.5^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/106944	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-aas-creds	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:h:cisco:aironet_active_sensor:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:cisco:digital_network_architecture_center:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-02-07 20:29

Updated : 2024-02-28 16:48

NVD link : CVE-2019-1675

Mitre link : CVE-2019-1675

CVE.ORG link : CVE-2019-1675

JSON object : View

Products Affected

cisco

digital_network_architecture_center
aironet_active_sensor

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2019-1675", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-02-07T20:29:00.277", "references": [{"url": "http://www.securityfocus.com/bid/106944", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-aas-creds", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name and password to access the CLI. A successful exploit could allow the attacker to reboot the device repeatedly, creating a denial of service (DoS) condition. It is not possible to change the configuration or view sensitive data with this account. Versions prior to DNAC1.2.8 are affected."}, {"lang": "es", "value": "Una vulnerabilidad en la configuraci\u00f3n por defecto de Cisco Aironet Active Sensor podr\u00eda permitir que un atacante remoto sin autenticar reinicie el sensor. La vulnerabilidad se debe a una cuenta local por defecto con una contrase\u00f1a est\u00e1tica. La cuenta solo tiene privilegios para reiniciar el dispositivo. Un atacante podr\u00eda explotar esta vulnerabilidad adivinando el nombre de la cuenta y la contrase\u00f1a para acceder a la interfaz de l\u00ednea de comandos. Si se explota con \u00e9xito, podr\u00eda permitir que el atacante reinicie el dispositivo repetidamente, provocando una denegaci\u00f3n de servicio (DoS). No es posible cambiar la configuraci\u00f3n o ver datos sensibles con esta cuenta. Las versiones anteriores a DNAC1.2.8 se han visto afectadas."}], "lastModified": "2019-10-09T23:47:41.673", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:aironet_active_sensor:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48EB2CAA-42D4-4064-AE6F-B68CB2B9A346"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:digital_network_architecture_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAB33BEA-600F-4893-94D8-7E1750BD38E0", "versionEndExcluding": "1.2.8"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}