CVE-2019-1848
Summary
| CVE | CVE-2019-1848 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-06-20 03:15:00 UTC |
| Updated | 2019-10-09 23:48:00 UTC |
| Description | A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an attacker to reach internal services that are not hardened for external access. |
Risk And Classification
Problem Types: CWE-668
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Digital Network Architecture Center | All | All | All | All |
| Application | Cisco | Digital Network Architecture Center | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Malformed Request | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Cisco DNA Center Authentication Bypass Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.