Lucene search

CiscoCVE-2019-1834

HistoryApr 18, 2019 - 2:29 a.m.

CVE-2019-1834

2019-04-1802:29:05

CWE-20

cisco

web.nvd.nist.gov

cisco

aironet

access points

aps

vulnerability

denial of service

dos

security

exploit

cvss

nvd

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

22.5%

JSON

A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is connected has port security configured. The vulnerability exists because the AP forwards some malformed wireless client packets outside of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel. An attacker could exploit this vulnerability by sending crafted wireless packets to an affected AP. A successful exploit could allow the attacker to trigger a security violation on the adjacent switch port, which could result in a DoS condition. Note: Though the Common Vulnerability Scoring System (CVSS) score corresponds to a High Security Impact Rating (SIR), this vulnerability is considered Medium because a workaround is available and exploitation requires a specific switch configuration. There are workarounds that address this vulnerability.

Affected configurations

Nvd

Vulners

Node

ciscoaironet_access_point_firmwareRange8.5–8.5.140.0

ciscoaironet_access_point_firmwareRange8.6.101.0–8.8.111.0

ciscoaironet_access_point_firmwareRange8.8.120.0–8.9.100.0

AND

ciscoaironet_1542dMatch-

ciscoaironet_1542iMatch-

ciscoaironet_1562dMatch-

ciscoaironet_1562eMatch-

ciscoaironet_1562iMatch-

ciscoaironet_1800iMatch-

ciscoaironet_2800eMatch-

ciscoaironet_2800iMatch-

ciscoaironet_3800eMatch-

ciscoaironet_3800iMatch-

ciscoaironet_3800pMatch-

Node

ciscoaironet_access_point_firmwareMatch8.5\(131.0\)

AND

ciscoaironet_1850eMatch-

ciscoaironet_1850iMatch-

VendorProductVersionCPE
ciscoaironet_access_point_firmware*cpe:2.3:o:cisco:aironet_access_point_firmware:*:*:*:*:*:*:*:*
ciscoaironet_1542d-cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*
ciscoaironet_1542i-cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*
ciscoaironet_1562d-cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*
ciscoaironet_1562e-cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*
ciscoaironet_1562i-cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*
ciscoaironet_1800i-cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*
ciscoaironet_2800e-cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*
ciscoaironet_2800i-cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*
ciscoaironet_3800e-cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	aironet_access_point_firmware	*	cpe:2.3:o:cisco:aironet_access_point_firmware::::::::
cisco	aironet_1542d	-	cpe:2.3:h:cisco:aironet_1542d:-:::::::*
cisco	aironet_1542i	-	cpe:2.3:h:cisco:aironet_1542i:-:::::::*
cisco	aironet_1562d	-	cpe:2.3:h:cisco:aironet_1562d:-:::::::*
cisco	aironet_1562e	-	cpe:2.3:h:cisco:aironet_1562e:-:::::::*
cisco	aironet_1562i	-	cpe:2.3:h:cisco:aironet_1562i:-:::::::*
cisco	aironet_1800i	-	cpe:2.3:h:cisco:aironet_1800i:-:::::::*
cisco	aironet_2800e	-	cpe:2.3:h:cisco:aironet_2800e:-:::::::*
cisco	aironet_2800i	-	cpe:2.3:h:cisco:aironet_2800i:-:::::::*
cisco	aironet_3800e	-	cpe:2.3:h:cisco:aironet_3800e:-:::::::*

Rows per page:

1-10 of 151

CNA Affected

[
  {
    "product": "Cisco Aironet Access Point Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "8.5(131.0)"
      }
    ]
  }
]

References

www.securityfocus.com/bid/108000

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-air-ap-dos

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

22.5%

JSON

Related for CVE-2019-1834