CVE-2019-1762

Name of the Vulnerable Software and Affected Versions Cisco IOS and IOS XE Software (affected versions not specified)

Description The issue is related to the Secure Storage feature of Cisco IOS and IOS XE Software, where improper memory operations performed at encryption time could allow an authenticated, local attacker to access sensitive system information on an affected device. An attacker could exploit this by retrieving the contents of specific memory locations, potentially disclosing keying materials that are part of the device configuration, which can be used to recover critical system information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.