Intrusion Prevention

Cisco.IOS.XE.REST.API.Authentication.Bypass

Description

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Cisco Systems REST API virtual service container.
A remote, unauthenticated attacker can exploit this vulnerability by visiting the token-services debug endpoint. Successful exploitation could result in the bypassing of authentication, allowing an attacker to perform actions as an administrator on the target server.

Affected Products

Cisco Systems REST API virtual service container prior to 16.09.03

Impact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass

CVE References

CVE-2019-12643