Lucene search
CiscoCVE-2013-6979HistoryDec 23, 2013 - 10:55 p.m.
CVE-2013-6979
2013-12-2322:55:03
CWE-287
cisco
web.nvd.nist.gov
20
cisco
ios xe
vty authentication
remote attackers
bypass
bug id
cscuj90227
cve-2013-6979
nvd
CVSS2
5.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:C/I:N/A:N
AI Score
7.1
Confidence
Low
EPSS
0.003
Percentile
66.1%
The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 03.03.xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.
Affected configurations
Node
ciscoios_xeMatch-
Related
prion
prion
Authentication flaw
2013-12-23 22:55:00
cisco
cisco
Cisco IOS XE Software Telnet Authentication Bypass Vulnerability
2013-12-24 19:13:51
nvd
nvd
CVE-2013-6979
2013-12-23 22:55:03
cvelist
cvelist
CVE-2013-6979
2013-12-23 22:00:00
CVSS2
5.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:C/I:N/A:N
AI Score
7.1
Confidence
Low
EPSS
0.003
Percentile
66.1%
Related for CVE-2013-6979