CVE-2019-1848

CWE-668Exposure to Wrong Sphere4 documents4 sources
Severity
9.3CRITICAL
EPSS
0.4%
top 41.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Cisco Digital Network Architecture Center (dna Center)Cisco Digital Network Architecture Center
Timeline
PublishedJun 20
Latest updateMay 24

Description

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an attacker to reach internal services that are

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.8

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-72v5-4c4w-2chj: A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and acce2022-05-24
CVEList
Cisco DNA Center Authentication Bypass Vulnerability2019-06-20

📋Vendor Advisories

1
Cisco
Cisco DNA Center Authentication Bypass Vulnerability2019-06-19
CVE-2019-1848 (CRITICAL CVSS 9.3) | A vulnerability in Cisco Digital Ne | cvebase.io