CVE-2019-1859 — HIGH (7.2) — White Hats Nepal

Q: How severe is CVE-2019-1859?

CVE-2019-1859 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-1859?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Sg200-50 Firmware, Cisco Sg200-50, Cisco Sg200-50P Firmware, Cisco Sg200-50P, Cisco Sg200-50Fp Firmware.

Vulnerability Description

A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. An attacker could exploit this vulnerability by attempting to connect to the device via SSH. A successful exploit could allow the attacker to access the configuration as an administrative user if the default credentials are not changed. There are no workarounds available; however, if client-side certificate authentication is enabled, disable it and use strong password authentication. Client-side certificate authentication is disabled by default.

CVSS Score

7.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Cisco	Sg200-50 Firmware	< 1.4.10.6
Cisco	Sg200-50	-
Cisco	Sg200-50P Firmware	< 1.4.10.6
Cisco	Sg200-50P	-
Cisco	Sg200-50Fp Firmware	< 1.4.10.6
Cisco	Sg200-50Fp	-
Cisco	Sg200-26 Firmware	< 1.4.10.6
Cisco	Sg200-26	-
Cisco	Sg200-26P Firmware	< 1.4.10.6
Cisco	Sg200-26P	-
Cisco	Sg200-26Fp Firmware	< 1.4.10.6
Cisco	Sg200-26Fp	-
Cisco	Sg200-18 Firmware	< 1.4.10.6
Cisco	Sg200-18	-
Cisco	Sg200-10Fp Firmware	< 1.4.10.6
Cisco	Sg200-10Fp	-
Cisco	Sg200-08 Firmware	< 1.4.10.6
Cisco	Sg200-08	-
Cisco	Sg200-08P Firmware	< 1.4.10.6
Cisco	Sg200-08P	-

Related Weaknesses (CWE)

CWE-295 CWE-285

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory

FAQ

What is CVE-2019-1859?

CVE-2019-1859 is a vulnerability with a CVSS score of 7.2 (HIGH). A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to passwo...

How severe is CVE-2019-1859?

CVE-2019-1859 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-1859?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Sg200-50 Firmware, Cisco Sg200-50, Cisco Sg200-50P Firmware, Cisco Sg200-50P, Cisco Sg200-50Fp Firmware.