Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.9
CVSSv3

CVE-2019-1757

Published: 28/03/2019 Updated: 04/03/2024
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Ios Xe

Vulnerability Summary

A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote malicious user to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the malicious user to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios xe 3.6.5be

cisco ios 15.2\\(2\\)e5b

cisco ios 12.4\\(25e\\)jap26

cisco ios 15.6\\(2\\)sp2

cisco ios xe 3.7.4e

cisco ios 15.6\\(2\\)t3

cisco ios xe 3.9.0e

cisco ios 15.6\\(1\\)t2

cisco ios 15.5\\(3\\)s1a

cisco ios xe 16.2.1

cisco ios xe 3.8.3e

cisco ios 15.2\\(3\\)e4

cisco ios xe 3.6.5ae

cisco ios xe 3.18.2s

cisco ios xe 3.6.4e

cisco ios xe 3.6.6e

cisco ios 15.6\\(2\\)t1

cisco ios 15.6\\(2\\)sp

cisco ios xe 3.17.3s

cisco ios 15.2\\(4m\\)e3

cisco ios 15.2\\(2\\)e6

cisco ios 15.6\\(3\\)m1

cisco ios xe 3.16.4s

cisco ios 15.6\\(3\\)m3

cisco ios 12.4\\(25e\\)jap2

cisco ios xe 3.17.1as

cisco ios 15.6\\(1\\)s2

cisco ios 15.5\\(3\\)s5

cisco ios xe 3.18.2asp

cisco ios 15.2\\(3\\)e5

cisco ios xe 3.18.3s

cisco ios 15.2\\(5a\\)e1

cisco ios xe 3.18.0as

cisco ios 15.7\\(3\\)m

cisco ios xe 3.8.4e

cisco ios 15.2\\(4n\\)e2

cisco ios 15.6\\(3\\)m2a

cisco ios xe 3.16.2s

cisco ios xe 3.6.7e

cisco ios 12.4\\(25e\\)jaz1

cisco ios 15.6\\(2\\)s

cisco ios 15.6\\(2\\)s2

cisco ios 15.5\\(3\\)s4

cisco ios 15.3\\(3\\)ja1n

cisco ios xe 3.18.3sp

cisco ios xe 16.6.1

cisco ios xe 3.18.1sp

cisco ios xe 3.17.4s

cisco ios 15.6\\(1\\)s4

cisco ios 15.6\\(2\\)t2

cisco ios 15.6\\(2\\)sn

cisco ios 15.2\\(5\\)ea

cisco ios xe 3.16.6s

cisco ios 15.2\\(4\\)e2

cisco ios xe 3.16.5s

cisco ios 15.5\\(3\\)s2

cisco ios 15.2\\(5c\\)e

cisco ios xe 3.16.1s

cisco ios 15.6\\(2\\)s4

cisco ios xe 3.7.5e

cisco ios 15.5\\(3\\)s1

cisco ios 15.2\\(2\\)e4

cisco ios 15.2\\(5\\)e2

cisco ios 15.2\\(4p\\)e1

cisco ios 15.6\\(1\\)t1

cisco ios 15.6\\(3\\)m1b

cisco ios xe 3.18.1bsp

cisco ios xe 3.8.2e

cisco ios xe 3.18.1csp

cisco ios xe 3.18.0s

cisco ios 15.2\\(5b\\)e

cisco ios 15.2\\(4\\)e4

cisco ios 15.2\\(2\\)e5

cisco ios 15.6\\(3\\)m

cisco ios 15.6\\(1\\)s3

cisco ios 15.3\\(3\\)jn2

cisco ios xe 3.17.0s

cisco ios xe 3.16.4ds

cisco ios 15.6\\(1\\)s1

cisco ios 15.6\\(2\\)t

cisco ios 15.6\\(3\\)m0a

cisco ios 15.6\\(2\\)s3

cisco ios 15.6\\(1\\)t0a

cisco ios xe 3.16.3s

cisco ios 15.2\\(2\\)e5a

cisco ios 15.2\\(4\\)jaz1

cisco ios 15.6\\(2\\)sp1

cisco ios 12.4\\(25e\\)jap1m

cisco ios xe 3.17.1s

cisco ios xe 3.18.2sp

cisco ios 15.6\\(1\\)s

cisco ios xe 16.4.1

cisco ios 15.6\\(2\\)sp3

cisco ios xe 3.16.2bs

cisco ios xe 3.16.1as

cisco ios xe 3.18.1s

cisco ios 15.2\\(5\\)ex

cisco ios xe 16.2.2

cisco ios 15.6\\(2\\)s1

cisco ios 15.6\\(3\\)m2

cisco ios xe 3.18.0sp

cisco ios xe 3.16.3as

cisco ios 15.2\\(4o\\)e2

cisco ios 15.2\\(4\\)e3

cisco ios xe 3.16.4as

cisco ios 15.2\\(5a\\)e

cisco ios xe 3.16.4bs

cisco ios 15.5\\(3\\)s3

cisco ios xe 3.6.5e

cisco ios 15.2\\(2\\)e7

cisco ios 15.3\\(3\\)jn1

cisco ios xe 16.3.1

cisco ios 15.2\\(5\\)e1

cisco ios 15.2\\(5\\)e

cisco ios xe 3.16.2as

cisco ios xe 3.18.1asp

cisco ios xe 3.9.1e

cisco ios 15.2\\(4\\)jn1

cisco ios 15.6\\(1\\)t

cisco ios xe 16.3.1a

cisco ios xe 16.3.2

cisco ios xe 16.3.3

cisco ios 15.6\\(1\\)t3

cisco ios 15.2\\(5\\)e2b

cisco ios xe 3.16.6bs

cisco ios xe 16.5.1

cisco ios xe 16.5.1a

cisco ios xe 16.3.4

cisco ios 15.2\\(5\\)e2c

cisco ios xe 3.9.2e

cisco ios xe 16.5.1b

cisco ios xe 16.4.2

cisco ios xe 16.3.5b

cisco ios xe 16.3.6

cisco ios xe 16.6.3

cisco ios 15.6\\(3\\)m1a

cisco ios 15.6\\(3\\)m3a

cisco ios 15.7\\(3\\)m0a

cisco ios 15.7\\(3\\)m1

cisco ios 15.7\\(3\\)m2

cisco ios xe 16.8.1

cisco ios xe 16.7.1

cisco ios xe 16.6.2

cisco ios xe 3.8.5e

cisco ios 15.6\\(1\\)sn2

cisco ios 15.1\\(3\\)svo2

cisco ios xe 3.16.4gs

cisco ios 15.5\\(3\\)s6a

cisco ios xe 3.16.4cs

cisco ios 15.5\\(3\\)s6b

cisco ios 15.2\\(4s\\)e1

cisco ios 15.2\\(4s\\)e2

cisco ios 15.6\\(1\\)sn1

cisco ios xe 3.16.5bs

cisco ios 15.6\\(1\\)sn3

cisco ios xe 3.16.4es

cisco ios 15.6\\(6\\)sn

cisco ios xe 16.3.5

cisco ios 15.2\\(4m\\)e2

cisco ios 12.2\\(6\\)i1

cisco ios xe 16.5.2

cisco ios xe 3.9.2be

cisco ios 15.6\\(1\\)sn

cisco ios xe 3.16.5as

cisco ios 15.6\\(5\\)sn

cisco ios 15.6\\(7\\)sn

cisco ios 15.2\\(4\\)e5a

cisco ios xe 3.8.5ae

cisco ios 15.1\\(3\\)svp1

cisco ios 15.6\\(2\\)sp3b

cisco ios 15.2\\(3\\)ea1

cisco ios 15.2\\(4q\\)e1

cisco ios 15.6\\(4\\)sn

cisco ios 15.2\\(4a\\)ea5

cisco ios 15.6\\(3\\)sn

cisco ios 15.1\\(2\\)sg8a

cisco ios 15.5\\(3\\)s6

cisco ios 15.2\\(4\\)e5

cisco ios 15.1\\(4\\)m12c

cisco ios 15.2\\(4o\\)e3

cisco ios xe 16.8.1a

cisco ios xe 16.8.1s

cisco ios xe 16.8.1b

cisco ios xe 16.8.2

cisco ios xe 16.7.2

cisco ios xe 16.8.1d

cisco ios xe 16.7.1a

cisco ios xe 16.7.1b

cisco ios xe 16.8.1c

cisco ios 15.2\\(4\\)ea9

cisco ios 15.6\\(2\\)sp4

cisco ios xe 16.4.3

cisco ios 15.6\\(2\\)t0a

cisco ios 15.6\\(3\\)m4

cisco ios xe 3.6.8e

cisco ios 15.3\\(3\\)ji

cisco ios xe 3.10.0ce

cisco ios 15.1\\(3\\)svg3d

cisco ios xe 3.6.7ae

cisco ios 15.2\\(4\\)e6

cisco ios xe 3.18.3asp

cisco ios 15.2\\(2\\)e7b

cisco ios xe 3.10.0e

cisco ios 15.2\\(6\\)e1

cisco ios 15.2\\(6\\)e

cisco ios 15.2\\(4\\)ea8

cisco ios 15.2\\(6\\)e0c

cisco ios xe 3.18.1isp

cisco ios 15.1\\(3\\)svn2

cisco ios xe 16.9.1s

cisco ios 15.1\\(3\\)svi1b

cisco ios 15.3\\(3\\)jd15

cisco ios xe 3.16.7as

cisco ios xe 3.18.1gsp

cisco ios 15.3\\(3\\)jf35

cisco ios xe 3.18.4s

cisco ios xe 3.16.7s

cisco ios 15.1\\(3\\)svo1

cisco ios xe 16.9.1c

cisco ios xe 3.18.3bsp

cisco ios xe 16.9.1b

cisco ios 15.2\\(2\\)e8

cisco ios xe 3.16.7bs

cisco ios xe 3.18.4sp

cisco ios 15.2\\(6\\)e0a

cisco ios 15.5\\(3\\)s7

cisco ios 15.3\\(3\\)jda15

cisco ios 15.1\\(3\\)svm3

cisco ios xe 3.6.7be

cisco ios xe 3.8.6e

cisco ios 15.3\\(3\\)ji2

cisco ios xe 16.5.3

cisco ios xe 3.18.1hsp

cisco ios xe 3.10.1e

cisco ios 15.2\\(6\\)e1a

cisco ios xe 3.10.1ae

cisco ios xe 3.10.1se

cisco ios 15.2\\(6\\)e1s

cisco ios 2.3

Vendor Advisories

Cisco: Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability
A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate The vulnerability is due to insufficient certificate validation by the affected software An attacker could exploit this vulnerability ...

References

CWE-295https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-call-home-certhttp://www.securityfocus.com/bid/107617https://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-call-home-cert
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook