{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T02:41:40.435","vulnerabilities":[{"cve":{"id":"CVE-2019-1842","sourceIdentifier":"psirt@cisco.com","published":"2019-06-05T17:29:00.430","lastModified":"2024-11-21T04:37:30.750","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information."},{"lang":"es","value":"Una vulnerabilidad en la función de identificación Secure Shell (SSH) del software IOS XR de Cisco, podría permitir a un atacante remoto identificado iniciar sesión correctamente en un dispositivo afectado usando dos nombres de usuario distintos. La vulnerabilidad es debido a un error lógico que puede ocurrir cuando ciertas secuencias de acciones son procesadas durante un evento de inicio de sesión SSH en el dispositivo afectado. Un atacante podría aprovechar esta vulnerabilidad mediante el inicio de una sesión SSH en el dispositivo con una secuencia específica que presenta los dos nombres de usuario. Una operación con éxtio podría resultar en el registro de datos falsos, enumeración de usuarios o, en ciertas circunstancias, una omisión de la autorización de comandos. Vea la sección de Detalles para más información."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:N","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xr_firmware:6.1.2.tools:*:*:*:*:*:*:*","matchCriteriaId":"0C7572F0-53A7-49B2-97A5-A9FAC7AFAD3C"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xr_firmware:6.1.3.tools:*:*:*:*:*:*:*","matchCriteriaId":"36326A0C-80EB-4AC3-8B99-5BCA81F100D2"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xr_firmware:6.2.3.tools:*:*:*:*:*:*:*","matchCriteriaId":"0004444D-F0B5-4AFC-B02A-515AEBFB8CFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xr_firmware:6.4.2.tools:*:*:*:*:*:*:*","matchCriteriaId":"C67AFE4B-EAF7-457D-8948-11C86FC483C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*","matchCriteriaId":"324C97E6-1810-404F-9F45-6240F99FF039"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*","matchCriteriaId":"57EB55BB-41B7-40A1-B6F5-142FE8AB4C16"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*","matchCriteriaId":"433F4A82-04A4-4EAA-8C19-F7581DCD8D29"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*","matchCriteriaId":"2D5E60AB-94FF-448A-89D8-5D2197E21C74"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*","matchCriteriaId":"A93212A4-50AB-42E7-89A4-5FBBAEA050C3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*","matchCriteriaId":"EDA53A61-98B3-458C-8893-61CD7D6B1E48"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*","matchCriteriaId":"F396564E-B477-4A27-A189-CEB737552E25"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*","matchCriteriaId":"5445CC54-ACFB-4070-AF26-F91FEAA85181"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*","matchCriteriaId":"D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_16-slot_line_card_chassis:-:*:*:*:*:*:*:*","matchCriteriaId":"2A5D5476-202C-476C-BC43-C0A963C99079"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_16-slot_single-shelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"B0F7E3D1-B738-4B69-AB38-3A273F454B9A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_4-slot_single-shelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"B2039DB3-F6BA-434D-A395-41DF7B641E4D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_8-slot_line_card_chassis:-:*:*:*:*:*:*:*","matchCriteriaId":"C078ABAD-0E35-481F-8096-FDD40451A318"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_8-slot_single-shelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"A8A8B9BF-E548-4CD9-AEC0-7030B89C4A32"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_fabric_card_chassis:-:*:*:*:*:*:*:*","matchCriteriaId":"941333EC-86D4-43AC-BD9A-D286B2276C95"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(dual\\):-:*:*:*:*:*:*:*","matchCriteriaId":"CD07CEAB-98E4-4FEE-BFA4-ADA520F7A61F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(multi\\):-:*:*:*:*:*:*:*","matchCriteriaId":"DE33AF1E-5E5C-43A1-B2E3-28E823C47E99"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-1_multishelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"5BBA0BE4-ED73-4B8C-BE53-5A2AB76981D0"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-3_16-slot_single-shelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"76F8EEEF-085A-49A5-A50E-24922B300F75"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-3_4-slot_single-shelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"10698948-E6E0-4C9B-9CB9-3626E4076336"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-3_8-slot_single-shelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"40EF0D7E-FB4E-433A-A983-34E44E790542"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-3_multishelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"15448B60-0A19-477C-A08A-17578CF7C92C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-8\\/s-b_crs:-:*:*:*:*:*:*:*","matchCriteriaId":"D31F6ED1-B20E-44CA-A74B-9D767EDF045F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-8\\/scrs:-:*:*:*:*:*:*:*","matchCriteriaId":"4BDEC7F0-D4D5-45F0-89A4-49C596318C01"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-x_16-slot_single-shelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"16770F6C-539D-4B65-9C52-60F008C283D2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:crs-x_multishelf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"B4F47E9F-D7BA-49B9-8070-1BC610B6AE2D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ncs_6008-8-slot_chassis:-:*:*:*:*:*:*:*","matchCriteriaId":"5E8AFAF4-4392-4EB5-AA35-68B97B036B62"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:network_convergence_system_5508:-:*:*:*:*:*:*:*","matchCriteriaId":"2932D6BF-111E-4B56-9A2E-FDF7C6991097"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/108687","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/108687","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}