Cisco Network Assurance Engine CVE-2019-1688 Default Credential Local Security Bypass Vulnerability
BID:107010
CVE-2019-1688 |Info
Cisco Network Assurance Engine CVE-2019-1688 Default Credential Local Security Bypass Vulnerability
| Bugtraq ID: | 107010 |
| Class: | Input Validation Error |
| CVE: |
CVE-2019-1688 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 12 2019 12:00AM |
| Updated: | Feb 12 2019 12:00AM |
| Credit: | Cisco |
| Vulnerable: |
Cisco Network Assurance Engine (NAE) 3.0(1) |
| Not Vulnerable: |
Cisco Network Assurance Engine (NAE) 3.0(1a) |
Discussion
Cisco Network Assurance Engine CVE-2019-1688 Default Credential Local Security Bypass Vulnerability
Cisco Network Assurance Engine is prone to a local security-bypass vulnerability.
An attackers with knowledge of the default credentials may exploit this vulnerability to gain unauthorized access and perform unauthorized actions. This may aid in further attacks.
This issue is tracked by Cisco Bug ID CSCvo18229.
Cisco Network Assurance Engine is prone to a local security-bypass vulnerability.
An attackers with knowledge of the default credentials may exploit this vulnerability to gain unauthorized access and perform unauthorized actions. This may aid in further attacks.
This issue is tracked by Cisco Bug ID CSCvo18229.
Solution / Fix
Cisco Network Assurance Engine CVE-2019-1688 Default Credential Local Security Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.