PT-2019-3279 · Cisco · Cisco IOS XE

Published: 2019-08-28 · Updated: 2019-10-09 · CVE-2019-12643

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified)

Description: A vulnerability in the Cisco REST API virtual service container could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The issue is due to an improper check in the code that manages the REST API authentication service. An attacker could exploit it by submitting malicious HTTP requests to the targeted device, potentially obtaining the token-id of an authenticated user. That token-id could then be used to bypass authentication and execute privileged actions through the interface of the REST API virtual service container. The REST API interface is not enabled by default; it must be installed and activated separately on IOS XE devices.

Recommendations: For Cisco IOS XE Software, update to a version that includes the fix for this issue, as Cisco has released software updates that address this vulnerability. As a temporary workaround, consider disabling the REST API interface until a patch is applied. Restrict access to the REST API virtual service container to minimize the risk of exploitation. Avoid using the REST API interface for critical operations until the issue is resolved. At the moment there is no information about specific steps for other potentially affected versions, as the affected versions are not explicitly specified.

Fix

Weakness Enumeration

Improper Authentication

Related Identifiers

BDU:2019-03302
CVE-2019-12643

Affected Products

Cisco IOS XE