CVE-2019-1848 vulnerability in Cisco Products
Published on June 20, 2019
Cisco DNA Center Authentication Bypass Vulnerability
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an attacker to reach internal services that are not hardened for external access.
Weakness Type
Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Products Associated with CVE-2019-1848
stack.watch emails you whenever new vulnerabilities are published in Cisco Digital Network Architecture Center or Cisco Dna Center. Just hit a watch button to start following.
Affected Versions
Cisco Digital Network Architecture Center (DNA Center):- Version unspecified and below 1.3 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.