CVE-2019-1748
published 2019-03-28CVE-2019-1748: A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker…
high7.4CVSS 3.1
AVNACHPRNUINSUCHIHAN
A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt and modify confidential information on user connections to the affected software.
Affected
1113 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |
| cisco | cisco_ios_and_ios_xe_software | — | — |