CVE-2019-1758

Name of the Vulnerable Software and Affected Versions Cisco IOS versions on the Catalyst 6500 Series Switches (affected versions not specified)

Description The issue is related to the implementation of the 802.1X standard in Cisco IOS, specifically concerning the authentication procedure. An unauthenticated, adjacent attacker could exploit this issue to access the network prior to authentication by attempting to connect to the network on an 802.1X configured port. The vulnerability arises from how 802.1X packets are handled in the process path, potentially allowing an attacker to intermittently obtain access to the network.

Recommendations For Cisco IOS on the Catalyst 6500 Series Switches, apply the software updates released by Cisco that address this issue. As a temporary workaround, consider implementing workarounds that address this vulnerability, as suggested by Cisco.