CVE-2019-1842

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software (affected versions not specified)

Description A logic error in the Secure Shell (SSH) authentication function could allow an authenticated, remote attacker to log in to an affected device using two distinct usernames. This error occurs when certain sequences of actions are processed during an SSH login event. An attacker could exploit this by initiating an SSH session with a specific sequence that presents the two usernames, potentially resulting in logging data misrepresentation, user enumeration, or a command authorization bypass.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.