Cisco IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability

high Nessus Plugin ID 127050

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, the installed Cisco IOS XE software is affected by a vulnerability in the Cisco Network Plug-and-Play (PnP) agent. This vulnerability allows an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates. An attacker can exploit this vulnerability by supplying a specially crafted certificate to an affected device. A successful exploit allows the attacker to conduct man-in-the-middle attacks to decrypt and modify confidential information on user connections to the affected software. (CVE-2019-1748)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCvf36269 and CSCvg01089.

See Also

http://www.nessus.org/u?9f246a7b

http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-71135

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf36269

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvg01089

Plugin Details

Severity: High

ID: 127050

File Name: cisco-sa-20190327-pnp-cert-iosxe.nasl

Version: 1.10

Type: combined

Family: CISCO

Published: 7/26/2019

Updated: 5/3/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2019-1748

CVSS v3

Risk Factor: High

Base Score: 7.4

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xe

Required KB Items: Host/Cisco/IOS-XE/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 3/27/2019

Vulnerability Publication Date: 3/27/2019

Reference Information

CVE: CVE-2019-1748

BID: 107619