Detections
Analytics

Cisco IOS XE Software NETCONF RESTCONF Authentication Bypass (cisco-sa-aaa-Yx47ZT8Q)

critical Nessus Plugin ID 153895

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS XE Software's authentication, authorization, and accounting (AAA) function is affected by a authentication bypass vulnerability. Therefore, it could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do any of the following:

Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvt53563

See Also

http://www.nessus.org/u?086551f4

http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74581

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt53563

Plugin Details

Severity: Critical

ID: 153895

File Name: cisco-sa-aaa-Yx47ZT8Q-iosxe.nasl

Version: 1.8

Type: combined

Family: CISCO

Published: 10/6/2021

Updated: 9/28/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

CVSS Score Source: CVE-2021-1619

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xe

Required KB Items: Host/Cisco/IOS-XE/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 9/22/2021

Vulnerability Publication Date: 9/22/2021

Reference Information

CVE: CVE-2021-1619

CWE: 824

CISCO-SA: cisco-sa-aaa-Yx47ZT8Q

IAVA: 2021-A-0441-S

CISCO-BUG-ID: CSCvt53563