VDB

CVE-2019-1848

CVE-2019-1848 PUBLISHED CVSS 9.300000190734863 CRITICAL

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an attacker to reach internal services that are not hardened for external access.

EPSS 0.37% · 59.2th percentile

Risk Scores

CVSS 3.0
9.300000190734863
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
EPSS Score
0.37%
59.2th percentile

Affected Products

VendorProductVersions
CiscoCisco Digital Network Architecture Center (DNA Center)unspecified
ciscodigital_network_architecture_center0

Exploit Intelligence

Timeline

  • Jun 20, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›