VDB
CVE-2019-1759
CVE-2019-1759
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A vulnerability in access control list (ACL) functionality of the Gigabit Ethernet Management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the Gigabit Ethernet Management interface. The vulnerability is due to a logic error that was introduced in the Cisco IOS XE Software 16.1.1 Release, which prevents the ACL from working when applied against the management interface. An attacker could exploit this issue by attempting to access the device via the management interface.
EPSS 28.48% · 96.6th percentile
Risk Scores
CVSS 3.0
5.300000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
28.48%
96.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco IOS XE Software | *, 3.2.0JA, 16.2.1 |
| cisco | ios_xe | 3.2.0ja, 16.2.1, 16.2.2 |
Exploit Intelligence
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc-repo)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc-repo)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc-repo)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc-repo)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc-repo)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc-repo)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc)
- Bolt-cms 3.6.10 Csrf -> xss -> rce (github-poc)
…and 5 more exploits
Timeline
- Mar 27, 2019 CVE Published
- Oct 15, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 15, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Nov 15, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- May 13, 2023 EPSS Score