Published: 28/03/2019 Updated: 09/10/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

A vulnerability in access control list (ACL) functionality of the Gigabit Ethernet Management interface of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to reach the configured IP addresses on the Gigabit Ethernet Management interface. The vulnerability is due to a logic error that was introduced in the Cisco IOS XE Software 16.1.1 Release, which prevents the ACL from working when applied against the management interface. An attacker could exploit this issue by attempting to access the device via the management interface.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios xe 16.8.1s
cisco ios xe 16.3.6
cisco ios xe 16.8.1b
cisco ios xe 3.2.0ja
cisco ios xe 16.8.1
cisco ios xe 16.4.1
cisco ios xe 16.8.1a
cisco ios xe 16.5.2
cisco ios xe 16.7.1b
cisco ios xe 16.3.1
cisco ios xe 16.5.1a
cisco ios xe 16.8.1c
cisco ios xe 16.6.4
cisco ios xe 16.9.1c
cisco ios xe 16.7.2
cisco ios xe 16.3.2
cisco ios xe 16.9.1b
cisco ios xe 16.3.4
cisco ios xe 16.8.2
cisco ios xe 16.3.5
cisco ios xe 16.6.4s
cisco ios xe 16.2.2
cisco ios xe 16.3.5b
cisco ios xe 16.3.3
cisco ios xe 16.6.4a
cisco ios xe 16.7.1a
cisco ios xe 16.2.1
cisco ios xe 16.6.2
cisco ios xe 16.4.3
cisco ios xe 16.7.1
cisco ios xe 16.9.1d
cisco ios xe 16.3.7
cisco ios xe 16.9.1s
cisco ios xe 16.6.3
cisco ios xe 16.5.3
cisco ios xe 16.4.2
cisco ios xe 16.8.1d
cisco ios xe 16.5.1
cisco ios xe 16.9.2
cisco ios xe 16.5.1b
cisco ios xe 16.3.1a
cisco ios xe 16.6.1
cisco ios xe 16.9.1
cisco ios xe 16.9.1a
cisco ios xe 16.8.1e

A vulnerability in access control list (ACL) functionality of the Gigabit Ethernet Management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the Gigabit Ethernet Management interface The vulnerability is due to a logic error that was introduced in the Cisco IOS XE Softwar ...

Bolt-cms 3.6.10 Csrf -> xss -> rce

CVE-2019-1759 Bolt-cms 3610 Csrf -> xss -> rce

Bolt-cms 3.6.10 Csrf -> xss -> rce

CVE-2019-1759 Bolt-cms 3610 Csrf -> xss -> rce

CWE-287 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-mgmtacl http://www.securityfocus.com/bid/107660 https://nvd.nist.gov https://github.com/r3m0t3nu11/CVE-2019-1759 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-mgmtacl

CVE-2019-1759

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect