All the vulnerabilites related to cisco - aironet_access_point_software
Vulnerability from fkie_nvd
Published
2018-05-02 22:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). The vulnerability is due to the AP ignoring the ACL download from the client during authentication. An attacker could exploit this vulnerability by connecting to the targeted device with a vulnerable configuration. A successful exploit could allow the attacker to bypass a configured client FlexConnect ACL. This vulnerability affects the following Cisco products if they are running a vulnerable release of Central Web Authentication with FlexConnect Access Points Software: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Note: Central Web Authentication with FlexConnect Access Points was an unsupported configuration until 8.5.100.0. Cisco Bug IDs: CSCve17756.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1040818 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040818 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.2\(160.0\) | |
| cisco | aironet_access_point_software | 8.4\(100.0\) | |
| cisco | aironet_access_point_software | 8.7\(1.3\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(160.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B86A6C1-52FF-40E9-B01E-AA9B62450CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.4\\(100.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BE67BC9F-CA61-4582-9838-534BDFD2E468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.7\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94EA8F7E-5B23-4D88-ABFE-552A101831E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). The vulnerability is due to the AP ignoring the ACL download from the client during authentication. An attacker could exploit this vulnerability by connecting to the targeted device with a vulnerable configuration. A successful exploit could allow the attacker to bypass a configured client FlexConnect ACL. This vulnerability affects the following Cisco products if they are running a vulnerable release of Central Web Authentication with FlexConnect Access Points Software: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Note: Central Web Authentication with FlexConnect Access Points was an unsupported configuration until 8.5.100.0. Cisco Bug IDs: CSCve17756."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Central Web Authentication (CWA) con FlexConnect Access Points (AP) para los AP Cisco Aironet Series 1560, 1810, 1810w, 1815, 1830, 1850, 2800 y 3800 podr\u00eda permitir que un atacante adyacente autenticado omita una lista de control de acceso (ACL) configurada de FlexConnect. La vulnerabilidad se debe a que el AP ignora la descarga de ACL del cliente durante la autenticaci\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose al dispositivo objetivo con una configuraci\u00f3n vulnerable. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante omita una ACL configurada del cliente FlexConnect. Esta vulnerabilidad afecta a los siguientes productos de Cisco que ejecutan una versi\u00f3n vulnerable de Central Web Authentication con software FlexConnect Access Points: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points y Aironet 3800 Series Access Points. Nota: Central Web Authentication con FlexConnect Access Points era una configuraci\u00f3n no soportada hasta la versi\u00f3n 8.5.100.0. Cisco Bug IDs: CSCve17756."
}
],
"id": "CVE-2018-0250",
"lastModified": "2024-11-21T03:37:48.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-02T22:29:00.637",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040818"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-13 00:59
Modified
2024-11-21 02:34
Severity ?
Summary
Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1033746 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033746 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.1\(112.4\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A92A6EC5-E47A-4001-A25C-A1043B346EDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694."
},
{
"lang": "es",
"value": "Puntos de acceso Cisco Aironet 1850 con software 8.1(112.4) permiten a usuarios locales ganar privilegios a trav\u00e9s de comandos CLI manipulados, tambi\u00e9n conocido como Bug ID CSCuv79694."
}
],
"id": "CVE-2015-6315",
"lastModified": "2024-11-21T02:34:45.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-13T00:59:00.107",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033746"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sending a specific TFTP request to an affected device. A successful exploit could allow the attacker to download any file from the filesystem of the affected access point (AP).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | - | |
| cisco | 1100_integrated_services_router | - | |
| cisco | aironet_1540 | - | |
| cisco | aironet_1560 | - | |
| cisco | aironet_1800 | - | |
| cisco | aironet_2800 | - | |
| cisco | aironet_3800 | - | |
| cisco | aironet_4800 | - | |
| cisco | catalyst_9100 | - | |
| cisco | catalyst_iw6300 | - | |
| cisco | esw6300 | - | |
| cisco | catalyst_9800_firmware | * | |
| cisco | catalyst_9800 | - | |
| cisco | wireless_lan_controller_software | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D48036EE-DE42-412A-B3C9-CBCE7414DB33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDFBA81-4DF6-4BC8-8D16-2520510ADE2E",
"versionEndExcluding": "17.3.3",
"versionStartIncluding": "17.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "168B2B18-BFBB-4AE9-BAE5-E178BA2DA844",
"versionEndExcluding": "8.10.142.0",
"versionStartIncluding": "8.10.112.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sending a specific TFTP request to an affected device. A successful exploit could allow the attacker to download any file from the filesystem of the affected access point (AP)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad FlexConnect Upgrade del Software Cisco Aironet Series Access Points, podr\u00eda permitir a un atacante remoto no autenticado obtenga informaci\u00f3n confidencial de un dispositivo afectado.\u0026#xa0;Esta vulnerabilidad es debido a una configuraci\u00f3n sin restricciones del Trivial File Transfer Protocol (TFTP).\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n TFTP espec\u00edfica a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante descargar cualquier archivo del sistema de archivos del punto de acceso (AP) afectado"
}
],
"id": "CVE-2021-1437",
"lastModified": "2024-11-21T05:44:21.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T20:15:14.900",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-275"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | wireless_lan_controller | * | |
| cisco | 1111-4pwe | - | |
| cisco | 1111-8plteeawb | - | |
| cisco | 1111-8pwb | - | |
| cisco | 1113-8plteeawe | - | |
| cisco | 1113-8pmwe | - | |
| cisco | 1113-8pwe | - | |
| cisco | 1116-4plteeawe | - | |
| cisco | 1116-4pwe | - | |
| cisco | 1117-4plteeawe | - | |
| cisco | 1117-4pmlteeawe | - | |
| cisco | 1117-4pmwe | - | |
| cisco | 1117-4pwe | - | |
| cisco | aironet_1815 | - | |
| cisco | aironet_1830e | - | |
| cisco | aironet_1830i | - | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - | |
| cisco | business_140ac | - | |
| cisco | business_145ac | - | |
| cisco | business_240ac | - | |
| cisco | business_access_points | * | |
| cisco | access_points | * | |
| cisco | catalyst_9800-40 | - | |
| cisco | catalyst_9800-80 | - | |
| cisco | catalyst_9800-cl | - | |
| cisco | catalyst_9800-l | - | |
| cisco | catalyst_9800-l-c | - | |
| cisco | catalyst_9800-l-f | - | |
| cisco | aironet_access_point_software | 8.5\(151.0\) | |
| cisco | aironet_access_point_software | 17.2.0.26 | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FAC3262-0899-4F22-8EE7-27F35FB7276D",
"versionEndExcluding": "8.10.112.0",
"versionStartIncluding": "8.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1111-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7262ADAB-296F-4DC2-9CD7-A86D7F6441C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111-8plteeawb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929A06B1-38F1-42F4-B179-D42B04506AFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111-8pwb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3056B31-1977-4472-BC74-19A5B8B5EC44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9261A638-E2E4-4EF0-84E9-A585BF763263",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8pmwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C85463D-0B37-4746-B7EA-80F3096305E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58C04E5B-AC03-440F-9007-0D6761B41F68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1116-4plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29A5E963-2987-4927-862A-6375624FC876",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1116-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3601499F-AD3B-47EA-816A-A01379CA1A33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303129EF-9107-4B39-8683-1BD917B3E68D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pmlteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B2B271-555B-4439-95D8-086E516F1169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pmwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB321CD-9096-4F75-AD2F-4EAE1CA75D76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98F31C77-0303-4FD9-B968-6B430202C6AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_140ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6331ADD0-9438-4095-84D4-4434C4782C60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_145ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19202724-5BEB-487C-98EA-F3B6924C52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_240ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07135C18-DDB4-41F3-971F-A4FC38C99E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78149144-CCF5-4C71-B22D-45261C4ACABC",
"versionEndExcluding": "10.1.1.0",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70B4ABE1-4F2F-478A-AA0E-8F293105FEBE",
"versionEndExcluding": "16.12.4a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.5\\(151.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FDF08F54-1FD8-4542-9CA0-CCCBB686B62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "35BF64F8-9B4F-460D-85A1-F1D57E7FD695",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco Aironet Access Point (AP) Software, podr\u00eda permitir a un atacante remoto no autenticado causar la recarga de un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a un manejo inapropiado de los clientes que est\u00e1n intentando conectarse al AP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de peticiones de autenticaci\u00f3n de varios clientes hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo afectado se recargue."
}
],
"id": "CVE-2020-3559",
"lastModified": "2024-11-21T05:31:18.883",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T18:15:21.997",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2688A8E4-F734-4353-889C-D4346F838AD3",
"versionEndExcluding": "8.10.162.0",
"versionStartIncluding": "8.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58FD0CE4-DF50-41B9-9ED5-049585DA8E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C881D9-8270-4413-B762-33E9661FC407",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:6300_series_access_points:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6F57DE-E039-49D7-B240-48CBD9CACD6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093AB3A8-853B-4094-BFB5-6A8775AAA8D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69CA9D6-914D-436F-AA81-B218CC312D29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE0B76A8-377E-4176-8F04-B0D468D4E767",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n WLAN Control Protocol (WCP) para Cisco Aironet Access Point (AP) software podr\u00eda permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido al manejo incorrecto de errores cuando un dispositivo afectado recibe una trama 802.11 inesperada. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de determinadas tramas 802.11 a trav\u00e9s de la red inal\u00e1mbrica a una interfaz de un AP afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un filtrado de b\u00fafer de paquetes. Esto podr\u00eda resultar eventualmente en fallos en la asignaci\u00f3n del b\u00fafer, lo que desencadenar\u00eda una recarga del dispositivo afectado"
}
],
"id": "CVE-2021-34740",
"lastModified": "2024-11-21T06:11:05.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:19.947",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-22 10:59
Modified
2024-11-21 02:55
Severity ?
Summary
The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/92511 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1036645 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92511 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036645 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.1\(15.14\) | |
| cisco | aironet_access_point_software | 8.1\(112.3\) | |
| cisco | aironet_access_point_software | 8.1\(112.4\) | |
| cisco | aironet_access_point_software | 8.1\(131.0\) | |
| cisco | aironet_access_point_software | 8.2\(100.0\) | |
| cisco | aironet_access_point_software | 8.2\(102.43\) | |
| cisco | aironet_access_point_software | 8.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "56A62387-63C1-465E-B7C9-8AE336CC1C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C399834-8DC2-4B81-B258-0F2DA7408277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CEF360BC-B2C5-4DF4-8751-C1129A263243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEEB3E5A-354E-41DA-971C-03F7915FA947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97863857-2CC6-4717-A59F-92F3B6604FDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CD7A011-854F-41A9-9C24-BF3769B1797E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B28C49B5-1B3D-4228-AE6A-83EC30D69515",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192."
},
{
"lang": "es",
"value": "La funci\u00f3n de la velocidad l\u00edmite en el protocolo de implementaci\u00f3n 802.11 en dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores a 8.3.102.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de marcos 802.11 manipulados, tambi\u00e9n conocido como Bug ID CSCva06192."
}
],
"id": "CVE-2016-6363",
"lastModified": "2024-11-21T02:55:59.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-22T10:59:12.137",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92511"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036645"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS traffic. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device through a wireless network that is configured in FlexConnect local switching mode or through a wired network on a configured mDNS VLAN. A successful exploit could allow the attacker to cause the access point (AP) to reboot, resulting in a DoS condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | - | |
| cisco | 1100_integrated_services_router | - | |
| cisco | aironet_1540 | - | |
| cisco | aironet_1560 | - | |
| cisco | aironet_1800 | - | |
| cisco | aironet_2800 | - | |
| cisco | aironet_3800 | - | |
| cisco | aironet_4800 | - | |
| cisco | catalyst_9100 | - | |
| cisco | catalyst_iw6300 | - | |
| cisco | esw6300 | - | |
| cisco | catalyst_9800_firmware | * | |
| cisco | catalyst_9800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D48036EE-DE42-412A-B3C9-CBCE7414DB33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDFBA81-4DF6-4BC8-8D16-2520510ADE2E",
"versionEndExcluding": "17.3.3",
"versionStartIncluding": "17.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS traffic. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device through a wireless network that is configured in FlexConnect local switching mode or through a wired network on a configured mDNS VLAN. A successful exploit could allow the attacker to cause the access point (AP) to reboot, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad multicast DNS (mDNS) gateway del Software Cisco Aironet Series Access Points, podr\u00eda permitir a un atacante adyacente no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada del tr\u00e1fico mDNS entrante.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete mDNS dise\u00f1ado hacia un dispositivo afectado por medio de una red inal\u00e1mbrica configurada en el modo de conmutaci\u00f3n local FlexConnect o mediante una red cableada en una VLAN mDNS configurada.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el punto de acceso (AP) se reinicie, lo que resultar\u00eda en una condici\u00f3n de DoS"
}
],
"id": "CVE-2021-1439",
"lastModified": "2024-11-21T05:44:22.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T20:15:14.977",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-mdns-dos-E6KwYuMx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-mdns-dos-E6KwYuMx"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-02 22:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of authentication for WebAuth clients in a specific configuration. An attacker could exploit this vulnerability by sending traffic to local network resources without having gone through authentication. A successful exploit could allow the attacker to bypass authentication and pass traffic. This affects Cisco Aironet Access Points running Cisco IOS Software and Cisco Wireless LAN Controller (WLC) releases prior to 8.5.110.0 for the following specific WLC configuration only: (1) The Access Point (AP) is configured in FlexConnect Mode with NAT. (2) The WLAN is configured for central switching, meaning the client is being assigned a unique IP address. (3) The AP is configured with a Split Tunnel access control list (ACL) for access to local network resources, meaning the AP is doing the NAT on the connection. (4) The client is using WebAuth. This vulnerability does not apply to .1x clients in the same configuration. Cisco Bug IDs: CSCvc79502, CSCvf71789.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/104087 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1040814 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1040815 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104087 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040814 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040815 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | wireless_lan_controller_software | 8.3\(104.105\) | |
| cisco | aironet_access_point_software | 8.3\(104.105\) | |
| cisco | aironet_access_point_software | 8.5\(107.52\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:8.3\\(104.105\\):*:*:*:*:*:*:*",
"matchCriteriaId": "64DEEBC6-28F9-4ACA-89E7-D4A74B48E44F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.3\\(104.105\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B12FDDD-E8AA-4BE2-A938-09E63BC82F31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.5\\(107.52\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD5F5F1A-61D8-4433-A49D-2BA2FA40AEDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of authentication for WebAuth clients in a specific configuration. An attacker could exploit this vulnerability by sending traffic to local network resources without having gone through authentication. A successful exploit could allow the attacker to bypass authentication and pass traffic. This affects Cisco Aironet Access Points running Cisco IOS Software and Cisco Wireless LAN Controller (WLC) releases prior to 8.5.110.0 for the following specific WLC configuration only: (1) The Access Point (AP) is configured in FlexConnect Mode with NAT. (2) The WLAN is configured for central switching, meaning the client is being assigned a unique IP address. (3) The AP is configured with a Split Tunnel access control list (ACL) for access to local network resources, meaning the AP is doing the NAT on the connection. (4) The client is using WebAuth. This vulnerability does not apply to .1x clients in the same configuration. Cisco Bug IDs: CSCvc79502, CSCvf71789."
},
{
"lang": "es",
"value": "Una vulnerabilidad en los clientes Web Authentication (WebAuth) para Cisco Wireless LAN Controller (WLC) y Aironet Access Points que ejecutan el software Cisco IOS podr\u00eda permitir que un atacante adyacente sin autenticar omita la autenticaci\u00f3n y pase tr\u00e1fico. La vulnerabilidad se debe a la implementaci\u00f3n incorrecta de la autenticaci\u00f3n para los clientes WebAuth en una configuraci\u00f3n espec\u00edfica. Un atacante podr\u00eda explotar esta vulnerabilidad enviando tr\u00e1fico a recursos en la red local sin tener que pasar por la autenticaci\u00f3n. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante omita la autenticaci\u00f3n y pase tr\u00e1fico. Esto afecta a Cisco Aironet Access Points que ejecutan el software Cisco IOS y Cisco Wireless LAN Controller (WLC) en lanzamientos anteriores a la versi\u00f3n 8.5.110.0 solo para la siguiente configuraci\u00f3n espec\u00edfica de WLC: (1) El punto de acceso (AP) est\u00e1 configurado en modo FlexConnect con NAT. (2) El WLAN est\u00e1 configurado para switching central, lo que significa que al cliente se le asigna una direcci\u00f3n IP \u00fanica. (3) El AP est\u00e1 configurado con una lista de control de acceso (ACL) de Split Tunnel para acceder a recursos de la red local, lo que significa que el AP est\u00e1 realizando NAT en la conexi\u00f3n. (4) El cliente est\u00e1 usando WebAuth. La vulnerabilidad no aplica a clientes .1x en la misma configuraci\u00f3n. Cisco Bug IDs: CSCvc79502, CSCvf71789."
}
],
"id": "CVE-2018-0247",
"lastModified": "2024-11-21T03:37:48.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-02T22:29:00.513",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104087"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040814"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040815"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-22 10:59
Modified
2024-11-21 02:55
Severity ?
Summary
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/92513 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1036644 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92513 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036644 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.1\(15.14\) | |
| cisco | aironet_access_point_software | 8.1\(112.3\) | |
| cisco | aironet_access_point_software | 8.1\(112.4\) | |
| cisco | aironet_access_point_software | 8.1\(131.0\) | |
| cisco | aironet_access_point_software | 8.2\(100.0\) | |
| cisco | aironet_access_point_software | 8.2\(102.43\) | |
| cisco | aironet_access_point_software | 8.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "56A62387-63C1-465E-B7C9-8AE336CC1C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C399834-8DC2-4B81-B258-0F2DA7408277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CEF360BC-B2C5-4DF4-8751-C1129A263243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEEB3E5A-354E-41DA-971C-03F7915FA947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97863857-2CC6-4717-A59F-92F3B6604FDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CD7A011-854F-41A9-9C24-BF3769B1797E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B28C49B5-1B3D-4228-AE6A-83EC30D69515",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725."
},
{
"lang": "es",
"value": "Dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.110.0, 8.2.12x en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores a 8.3.102.0 permiten a usuarios locales obtener privilegios a trav\u00e9s de par\u00e1metros CLI manipulados, tambi\u00e9n conocido como Bug ID CSCuz24725."
}
],
"id": "CVE-2016-6362",
"lastModified": "2024-11-21T02:55:58.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-22T10:59:11.120",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92513"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036644"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-15 20:59
Modified
2024-11-21 03:26
Severity ?
Summary
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/96909 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96909 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.1\(15.14\) | |
| cisco | aironet_access_point_software | 8.1\(112.3\) | |
| cisco | aironet_access_point_software | 8.1\(112.4\) | |
| cisco | aironet_access_point_software | 8.1\(131.0\) | |
| cisco | aironet_1810 | - | |
| cisco | aironet_1810w | - | |
| cisco | aironet_1815i | - | |
| cisco | aironet_1830e | - | |
| cisco | aironet_1830i | - | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "88453D71-DAF5-4813-9776-5391C31B1006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A187F61E-D4A4-4DF9-93B4-981C4B86F284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A92A6EC5-E47A-4001-A25C-A1043B346EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AAE1697B-74D9-4416-AFBA-EAD5C0E5A6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz gr\u00e1fica de usuario basada en web de los puntos de acceso Cisco Mobility Express serie 1800 podr\u00eda permitir a un atacante remoto no autenticado eludir la autenticaci\u00f3n. El atacante podr\u00eda tener privilegios completos de administrador. La vulnerabilidad se debe a la implementaci\u00f3n incorrecta de la autenticaci\u00f3n para acceder a determinadas p\u00e1ginas web a trav\u00e9s de la interfaz GUI. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz web del sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir la autenticaci\u00f3n y realizar cambios de configuraci\u00f3n no autorizados o mandar comandos de control al dispositivo afectado. Esta vulnerabilidad afecta a los puntos de acceso Cisco Mobility Express Serie 1800 que ejecutan una versi\u00f3n de software anterior a 8.2.110.0. ID de errores de Cisco: CSCuy68219."
}
],
"id": "CVE-2017-3831",
"lastModified": "2024-11-21T03:26:12.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-15T20:59:00.193",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96909"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EA7E3F-2EA0-4B32-BCA0-0E88FC9E4F9D",
"versionEndExcluding": "8.10.183.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "386B92C5-05F3-40A8-8F35-280DD9E84169",
"versionEndExcluding": "17.9.0.135",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E3225A6-DA3C-49FE-B0F8-8AC6B7DA3347",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E1D6F32-3F51-4C5B-97AF-1AD8917FCB07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E09FEE6E-8169-4E90-ACF6-88BEE747D7A8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "810472FD-52DE-4694-98FA-1AD858BEC895",
"versionEndExcluding": "16.12.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C1CD64-ADE0-453F-9E0B-EA952F743892",
"versionEndExcluding": "17.3.6",
"versionStartIncluding": "17.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "612EB810-AB85-49D4-BB5C-C03E2B1A0B43",
"versionEndExcluding": "17.6.5",
"versionStartIncluding": "17.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4C5572-9D7D-405C-AF93-DF9FF07F92F7",
"versionEndExcluding": "17.9.2",
"versionStartIncluding": "17.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition."
}
],
"id": "CVE-2023-20056",
"lastModified": "2024-11-21T07:40:27.043",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-23T17:15:14.220",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-14 03:59
Modified
2024-11-21 02:34
Severity ?
Summary
Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.1\(131.0\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AAE1697B-74D9-4416-AFBA-EAD5C0E5A6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374."
},
{
"lang": "es",
"value": "Dispositivos Cisco Aironet 1800 con software 8.1(131.0) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU) mediante el establecimiento indebido de muchas conexiones SSHv2, tambi\u00e9n conocido como Bug ID CSCux13374."
}
],
"id": "CVE-2015-6367",
"lastModified": "2024-11-21T02:34:52.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-14T03:59:04.160",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1034157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034157"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EA7E3F-2EA0-4B32-BCA0-0E88FC9E4F9D",
"versionEndExcluding": "8.10.183.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "386B92C5-05F3-40A8-8F35-280DD9E84169",
"versionEndExcluding": "17.9.0.135",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E3225A6-DA3C-49FE-B0F8-8AC6B7DA3347",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E1D6F32-3F51-4C5B-97AF-1AD8917FCB07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E09FEE6E-8169-4E90-ACF6-88BEE747D7A8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "810472FD-52DE-4694-98FA-1AD858BEC895",
"versionEndExcluding": "16.12.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C1CD64-ADE0-453F-9E0B-EA952F743892",
"versionEndExcluding": "17.3.6",
"versionStartIncluding": "17.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "612EB810-AB85-49D4-BB5C-C03E2B1A0B43",
"versionEndExcluding": "17.6.5",
"versionStartIncluding": "17.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4C5572-9D7D-405C-AF93-DF9FF07F92F7",
"versionEndExcluding": "17.9.2",
"versionStartIncluding": "17.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP."
}
],
"id": "CVE-2023-20097",
"lastModified": "2024-11-21T07:40:32.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-23T17:15:15.027",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-02 22:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Generic Routing Encapsulation (GRE) frames that pass through the data plane of an affected access point. An attacker could exploit this vulnerability by initiating a PPTP connection to an affected access point from a device that is registered to the same wireless network as the access point and sending a malicious GRE frame through the data plane of the access point. A successful exploit could allow the attacker to cause the NSS core process on the affected access point to crash, which would cause the access point to reload and result in a DoS condition. This vulnerability affects Cisco Aironet 1810, 1830, and 1850 Series Access Points that are running Cisco Mobility Express Software Release 8.4.100.0, 8.5.103.0, or 8.5.105.0 and are configured as a master, subordinate, or standalone access point. Cisco Bug IDs: CSCvf73890.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.4\(100.0\) | |
| cisco | aironet_access_point_software | 8.5\(103.0\) | |
| cisco | aironet_access_point_software | 8.5\(105.0\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.4\\(100.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BE67BC9F-CA61-4582-9838-534BDFD2E468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.5\\(103.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C84EBCED-F14E-41D7-AD46-335B6328DBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.5\\(105.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9749173C-73D7-4724-BD92-B021B87CF3B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Generic Routing Encapsulation (GRE) frames that pass through the data plane of an affected access point. An attacker could exploit this vulnerability by initiating a PPTP connection to an affected access point from a device that is registered to the same wireless network as the access point and sending a malicious GRE frame through the data plane of the access point. A successful exploit could allow the attacker to cause the NSS core process on the affected access point to crash, which would cause the access point to reload and result in a DoS condition. This vulnerability affects Cisco Aironet 1810, 1830, and 1850 Series Access Points that are running Cisco Mobility Express Software Release 8.4.100.0, 8.5.103.0, or 8.5.105.0 and are configured as a master, subordinate, or standalone access point. Cisco Bug IDs: CSCvf73890."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de la funcionalidad PPTP (Point-to-Point Tunneling Protocol) en los puntos de acceso de las series 1810, 1830 y 1850 de Cisco Aironet podr\u00eda permitir que un atacante remoto no autenticado provocara el reinicio de un dispositivo afectado, lo que provocar\u00eda una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a la validaci\u00f3n insuficiente de las tramas GRE (Generic Routing Encapsulation) que pasan a trav\u00e9s del plano de datos de un punto de acceso afectado. Un atacante podr\u00eda explotar esta vulnerabilidad iniciando una conexi\u00f3n PPTP a un punto de acceso afectado desde un dispositivo registrado en la misma red inal\u00e1mbrica que el punto de acceso y enviando un marco GRE malicioso a trav\u00e9s del plano de datos del punto de acceso. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el proceso del n\u00facleo NSS en el punto de acceso afectado se bloquee, lo que causar\u00eda que el punto de acceso se reinicie y una condici\u00f3n de denegaci\u00f3n de servicio. Esta vulnerabilidad afecta a los puntos de acceso de las series 1810, 1830 y 1850 de Cisco Aironet que ejecuten las versiones de software 8.4.100.0, 8.5.103.0 o 8.5.105.0 de Cisco Mobility Express y que est\u00e9n configurados como puntos de acceso maestro, subordinado o independiente. Cisco Bug IDs: CSCvf73890."
}
],
"id": "CVE-2018-0234",
"lastModified": "2024-11-21T03:37:47.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-02T22:29:00.323",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104081"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040820"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-ptp"
},
{
"source": "ykramarz@cisco.com",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-ptp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-03-05 05:04
Modified
2024-11-21 01:45
Severity ?
Summary
The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 7.3 | |
| cisco | aironet_access_point_software | 7.4 | |
| cisco | aironet_access_point_software | 12.4 | |
| cisco | aironet_access_point_software | 15.2 | |
| cisco | aironet_access_point | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "417BEFA9-1390-4661-AB75-FF7A957265B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "491546B9-857D-4395-A5C2-A09F76943BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "88ABD4C6-1D61-40B5-8EC4-29A5E77272B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "60437DD8-C588-4423-A63D-EFCCCB3349A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_access_point:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA5FEDC-983F-47B1-A04B-D9B542DFAF88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460."
},
{
"lang": "es",
"value": "El HTTP Profiler en el Cisco Aironet Access Point con software v15.2 y anteriores no gestiona correctamente los b\u00fafers, permitiendo a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del dispositivo) mediante peticiones HTTP especialmente dise\u00f1adas, tambi\u00e9n conocidos como Bug ID CSCuc62460."
}
],
"id": "CVE-2012-6026",
"lastModified": "2024-11-21T01:45:38.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-05T05:04:04.077",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6026"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=28436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=28436"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FAC3262-0899-4F22-8EE7-27F35FB7276D",
"versionEndExcluding": "8.10.112.0",
"versionStartIncluding": "8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E903427-F63E-4E51-AC2D-96A707261DEE",
"versionEndExcluding": "8.5.161.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E7FBB2-4D72-47E2-84A2-AF8FE3CCE876",
"versionEndExcluding": "8.8.130.0",
"versionStartIncluding": "8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1111-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7262ADAB-296F-4DC2-9CD7-A86D7F6441C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111-8plteeawb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929A06B1-38F1-42F4-B179-D42B04506AFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111-8pwb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3056B31-1977-4472-BC74-19A5B8B5EC44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9261A638-E2E4-4EF0-84E9-A585BF763263",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8pmwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C85463D-0B37-4746-B7EA-80F3096305E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1113-8pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58C04E5B-AC03-440F-9007-0D6761B41F68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1116-4plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29A5E963-2987-4927-862A-6375624FC876",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1116-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3601499F-AD3B-47EA-816A-A01379CA1A33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4plteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303129EF-9107-4B39-8683-1BD917B3E68D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pmlteeawe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B2B271-555B-4439-95D8-086E516F1169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pmwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB321CD-9096-4F75-AD2F-4EAE1CA75D76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1117-4pwe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98F31C77-0303-4FD9-B968-6B430202C6AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_140ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6331ADD0-9438-4095-84D4-4434C4782C60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_145ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19202724-5BEB-487C-98EA-F3B6924C52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:business_240ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07135C18-DDB4-41F3-971F-A4FC38C99E26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:esw-6300-con-x-k9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3625BC-9003-4E07-B4EA-EB44CADDD6B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78149144-CCF5-4C71-B22D-45261C4ACABC",
"versionEndExcluding": "10.1.1.0",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70B4ABE1-4F2F-478A-AA0E-8F293105FEBE",
"versionEndExcluding": "16.12.4a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.5\\(154.27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F7E9751-8192-4418-89BE-58D83E1BC2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.8\\(125.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CBF1E5E-E88B-46EA-AF9A-A52B9CF84273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.10\\(105.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C522D2E-422A-47E9-884B-708E4F4BF203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.10\\(105.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50089912-8D92-4A0F-83C6-2C9BB3B7CF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6A94467F-9120-4165-832C-292F343AD65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9301B023-A2C5-4DAD-9A05-FDE751AF3C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:17.2.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "E600825D-4984-488E-BF44-89816CAB6869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco Aironet Access Points (APs), podr\u00eda permitir a un atacante remoto no autenticado causar una denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una gesti\u00f3n inapropiada de los recursos al procesar paquetes espec\u00edficos.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una serie de paquetes UDP dise\u00f1ados hacia un puerto espec\u00edfico en un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante romper la conexi\u00f3n entre el AP y el controlador de LAN inal\u00e1mbrico, resultando que el dispositivo afectado no sea capaz de procesar el tr\u00e1fico del cliente, o causar que el dispositivo vulnerable se recargue, desencadenando en una condici\u00f3n DoS.\u0026#xa0;Despu\u00e9s del ataque, el dispositivo afectado deber\u00eda recuperar autom\u00e1ticamente sus funciones normales sin intervenci\u00f3n manual."
}
],
"id": "CVE-2020-3560",
"lastModified": "2024-11-21T05:31:19.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T18:15:22.137",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D48036EE-DE42-412A-B3C9-CBCE7414DB33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD9BB32-1D37-4F86-9E93-B77DAB09B874",
"versionEndExcluding": "16.12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDFBA81-4DF6-4BC8-8D16-2520510ADE2E",
"versionEndExcluding": "17.3.3",
"versionStartIncluding": "17.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2FA8344-3D28-4E46-9B90-C5BD5256ACF9",
"versionEndExcluding": "17.5.1",
"versionStartIncluding": "17.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4303CDF3-6399-41CA-BD2A-3C894DD02064",
"versionEndExcluding": "8.5.171.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570AC97E-DD6A-4568-8F19-D49B4D5D05A5",
"versionEndExcluding": "8.10.150.0",
"versionStartIncluding": "8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la l\u00f3gica de arranque del Software Cisco Access Points, podr\u00eda permitir a un atacante local autenticado ejecutar c\u00f3digo sin firmar en el momento del arranque.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n inapropiada que es llevada a cabo por el \u00e1rea de c\u00f3digo que administra los procesos de inicio del sistema.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al modificar un archivo espec\u00edfico que est\u00e1 almacenado en el sistema, lo que le permitir\u00eda omitir las protecciones existentes.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo sin firmar en el momento del arranque y omitir la comprobaci\u00f3n de la imagen del software como parte del proceso de arranque seguro de un dispositivo afectado.\u0026#xa0;Nota: Para explotar esta vulnerabilidad, el atacante deber\u00eda tener acceso al shell de desarrollo (devshell) en el dispositivo"
}
],
"id": "CVE-2021-1449",
"lastModified": "2024-11-21T05:44:23.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T20:15:15.400",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | wireless_lan_controller | * | |
| cisco | aironet_1542d | - | |
| cisco | aironet_1542i | - | |
| cisco | aironet_1562d | - | |
| cisco | aironet_1562e | - | |
| cisco | aironet_1562i | - | |
| cisco | aironet_1810 | - | |
| cisco | aironet_1815 | - | |
| cisco | aironet_1830e | - | |
| cisco | aironet_1830i | - | |
| cisco | aironet_1840 | - | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - | |
| cisco | aironet_2800e | - | |
| cisco | aironet_2800i | - | |
| cisco | aironet_3800e | - | |
| cisco | aironet_3800i | - | |
| cisco | aironet_3800p | - | |
| cisco | aironet_4800 | - | |
| cisco | business_access_points | * | |
| cisco | access_points | * | |
| cisco | catalyst_9800-40 | - | |
| cisco | catalyst_9800-80 | - | |
| cisco | catalyst_9800-cl | - | |
| cisco | catalyst_9800-l | - | |
| cisco | catalyst_9800-l-c | - | |
| cisco | catalyst_9800-l-f | - | |
| cisco | aironet_access_point_software | 8.10\(1.255\) | |
| cisco | aironet_1850e | - | |
| cisco | aironet_1850i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8EFE8F9-5E37-42DF-8658-574A5D9ECC6D",
"versionEndExcluding": "8.10.105.0",
"versionStartIncluding": "8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69CA9D6-914D-436F-AA81-B218CC312D29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:business_access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78149144-CCF5-4C71-B22D-45261C4ACABC",
"versionEndExcluding": "10.1.1.0",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70B4ABE1-4F2F-478A-AA0E-8F293105FEBE",
"versionEndExcluding": "16.12.4a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.10\\(1.255\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D40D1D98-F662-4C7D-AEC8-C106209D7848",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el manejo de paquetes Ethernet de Cisco Aironet Access Points (APs) Software, podr\u00eda permitir a un atacante adyacente no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante la conexi\u00f3n como un cliente cableado a la interfaz Ethernet de un dispositivo afectado y mediante el env\u00edo de una serie de paquetes espec\u00edficos en un corto per\u00edodo de tiempo.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un acceso al puntero NULL que resulte en una recarga del dispositivo afectado."
}
],
"id": "CVE-2020-3552",
"lastModified": "2024-11-21T05:31:18.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T18:15:21.900",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-15 15:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | * | |
| cisco | aironet_access_point_software | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A203AE75-779D-42CD-9DB4-837D2EDBDBF8",
"versionEndExcluding": "17.3.4",
"versionStartIncluding": "17.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28855FA6-E267-4EDC-B525-9ED4C46BFBDE",
"versionEndExcluding": "17.6.1",
"versionStartIncluding": "17.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesamiento de paquetes de entrada IP del software Cisco Embedded Wireless Controller with Catalyst Access Points podr\u00eda permitir a un atacante remoto no autenticado hacer que el dispositivo sea recargado inesperadamente, causando una condici\u00f3n de denegaci\u00f3n de servicio (DoS). El dispositivo puede experimentar una degradaci\u00f3n del rendimiento en el procesamiento del tr\u00e1fico o un alto uso de la CPU antes de la recarga no esperada. Esta vulnerabilidad es debido a una limitaci\u00f3n inapropiada de la velocidad de los paquetes IP a la interfaz de administraci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un flujo constante de tr\u00e1fico IP a una velocidad elevada a la interfaz de administraci\u00f3n del dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga del dispositivo"
}
],
"id": "CVE-2022-20622",
"lastModified": "2024-11-21T06:43:10.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-15T15:15:12.247",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 21:15
Modified
2024-11-21 05:44
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D48036EE-DE42-412A-B3C9-CBCE7414DB33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD9BB32-1D37-4F86-9E93-B77DAB09B874",
"versionEndExcluding": "16.12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54FC2B7F-8BB5-4326-964C-0C7CC6D31412",
"versionEndIncluding": "17.2",
"versionStartIncluding": "17.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4303CDF3-6399-41CA-BD2A-3C894DD02064",
"versionEndExcluding": "8.5.171.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D84C320-E3E3-4B29-A27F-A95C6C50FFFE",
"versionEndExcluding": "8.10.130.0",
"versionStartIncluding": "8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de un comando de CLI en Cisco Aironet Access Points (AP), podr\u00eda permitir a un atacante local autenticado sobrescribir archivos en la memoria flash del dispositivo.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada para un comando espec\u00edfico.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al emitir un comando con argumentos dise\u00f1ados.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir o crear archivos con datos que ya est\u00e1n presentes en otros archivos alojados en el dispositivo afectado"
}
],
"id": "CVE-2021-1423",
"lastModified": "2024-11-21T05:44:19.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T21:15:13.443",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-26 07:59
Modified
2024-11-21 03:00
Severity ?
Summary
A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.2\(130.0\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(130.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D773319E-065B-4476-93AC-7444563FACD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91)."
},
{
"lang": "es",
"value": "Una vulnerabilidad de denegaci\u00f3n de servicio en el procesamiento del paquete de entrada 802.11 de los Access Points (APs) de Cisco Mobility Express 2800 y 3800 podr\u00edan permitir a un atacante adyacente no autenticado provocar que la tabla de conexiones est\u00e9 repleta de conexiones no v\u00e1lidas y sea incapaz de procesar nuevas peticiones de entrada. M\u00e1s informaci\u00f3n: CSCvb66659. Lanzamientos afectados conocidos: 8.2(130.0). Lanzamientos reparados conocidos: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91)."
}
],
"id": "CVE-2016-9220",
"lastModified": "2024-11-21T03:00:49.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-26T07:59:00.233",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/95633"
},
{
"source": "ykramarz@cisco.com",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-26 07:59
Modified
2024-11-21 03:00
Severity ?
Summary
A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/95631 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95631 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.2\(121.12\) | |
| cisco | aironet_access_point_software | 8.4\(1.82\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(121.12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "49309998-D816-43BC-BA6D-BE1BFE383DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.4\\(1.82\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6959C12E-AEC2-415E-972D-18B6D9D717EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85)."
},
{
"lang": "es",
"value": "Una vulnerabilidad de denegaci\u00f3n de servicio en el manejo de la autenticaci\u00f3n de conexi\u00f3n de ingreso 802.11 para los Access Points (APs) 2800 y 3800 de Cisco Mobility Express podr\u00eda permitir a un atacante adyacente no autenticado provocar que la autenticaci\u00f3n falle. Productos afectados: Esta vulnerabilidad afecta a Cisco Mobility Express 2800 Series y 3800 Series Access Points cuando son configurados en modo local en 40 MHz. M\u00e1s informaci\u00f3n: CSCvb33575. Lanzamientos afectados conocidos: 8.2(121.12) 8.4(1.82). Lanzamientos reparados conocidos: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85)."
}
],
"id": "CVE-2016-9221",
"lastModified": "2024-11-21T03:00:49.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-26T07:59:00.247",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95631"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-22 10:59
Modified
2024-11-21 02:55
Severity ?
Summary
The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/92508 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1036648 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92508 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036648 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.1\(15.14\) | |
| cisco | aironet_access_point_software | 8.1\(112.3\) | |
| cisco | aironet_access_point_software | 8.1\(112.4\) | |
| cisco | aironet_access_point_software | 8.1\(131.0\) | |
| cisco | aironet_access_point_software | 8.2\(100.0\) | |
| cisco | aironet_access_point_software | 8.2\(102.43\) | |
| cisco | aironet_access_point_software | 8.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "56A62387-63C1-465E-B7C9-8AE336CC1C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C399834-8DC2-4B81-B258-0F2DA7408277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CEF360BC-B2C5-4DF4-8751-C1129A263243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEEB3E5A-354E-41DA-971C-03F7915FA947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97863857-2CC6-4717-A59F-92F3B6604FDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CD7A011-854F-41A9-9C24-BF3769B1797E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B28C49B5-1B3D-4228-AE6A-83EC30D69515",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de Aggregated MAC Protocol Data Unit (AMPDU) en dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores 8.3.102.0 permite a atacantes remotos causar una denegaci\u00f3n de servicios (reinicio de dispositivo) a trav\u00e9s de una cabecera AMPDU manipulado, tambi\u00e9n conocido como Bug ID CSCuz56288."
}
],
"id": "CVE-2016-6361",
"lastModified": "2024-11-21T02:55:58.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-22T10:59:10.043",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92508"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036648"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-15 03:59
Modified
2024-11-21 02:34
Severity ?
Summary
The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_1830e | * | |
| cisco | aironet_1830i | * | |
| cisco | aironet_1850e | * | |
| cisco | aironet_1850i | * | |
| cisco | aironet_access_point_software | 8.1\(112.3\) | |
| cisco | aironet_access_point_software | 8.1\(112.4\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FCB522-C9CB-4EEA-9C0C-42A3ED2523C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25D42448-AE53-4832-9D56-5C6172BC2872",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9CB0ED-8596-4576-8243-B3B97A19CEFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6AD90E-0906-4169-A2C9-10D2BF353FB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A187F61E-D4A4-4DF9-93B4-981C4B86F284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A92A6EC5-E47A-4001-A25C-A1043B346EDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138."
},
{
"lang": "es",
"value": "El manejador de paquetes IP de entrada en dispositivos Cisco Aironet 1800 con software 8.1(112.3) and 8.1(112.4) permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de una cabecera manipulada en un paquete IP, tambi\u00e9n conocido como Bug ID CSCuv63138."
}
],
"id": "CVE-2015-6320",
"lastModified": "2024-11-21T02:34:46.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-15T03:59:06.077",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1034668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034668"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-02 22:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. A successful exploit could prevent new clients from joining the AP. The vulnerability is due to incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this vulnerability by sending a malformed stream of 802.11 Association Requests to the local interface of the targeted device. A successful exploit could allow the attacker to cause a DoS situation on an affected system, causing new client 802.11 Association Requests to fail. This vulnerability affects the following Cisco products: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Cisco Bug IDs: CSCvg02116.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1040816 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040816 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 8.2\(161.0\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(161.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A36D61BB-B80F-4BC4-AFE0-3575E8C98E8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. A successful exploit could prevent new clients from joining the AP. The vulnerability is due to incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this vulnerability by sending a malformed stream of 802.11 Association Requests to the local interface of the targeted device. A successful exploit could allow the attacker to cause a DoS situation on an affected system, causing new client 802.11 Association Requests to fail. This vulnerability affects the following Cisco products: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Cisco Bug IDs: CSCvg02116."
},
{
"lang": "es",
"value": "Una vulnerabilidad al gestionar peticiones entrantes de asociaci\u00f3n 802.11 para los Cisco Aironet 1800 Series Access Point (AP) en plataformas de hardware de Qualcomm Atheros (QCA) podr\u00eda permitir que un atacante adyacente sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un sistema afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda evitar que nuevos clientes se unan al AP. La vulnerabilidad se debe a la gesti\u00f3n incorrecta de peticiones de asociaci\u00f3n 802.11 mal formadas o inv\u00e1lidas. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un flujo mal formado de peticiones de asociaci\u00f3n 802.11 a la interfaz local del dispositivo objetivo. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque una situaci\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado, lo que provocar\u00eda que las nuevas peticiones de asociaci\u00f3n 802.11 fracasasen. Esta vulnerabilidad afecta a los siguientes productos Cisco: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points y Aironet 3800 Series Access Points. Cisco Bug IDs: CSCvg02116."
}
],
"id": "CVE-2018-0249",
"lastModified": "2024-11-21T03:37:48.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-02T22:29:00.573",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040816"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-15 03:59
Modified
2024-11-21 02:34
Severity ?
Summary
Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet_access_point_software | 7.2_base | |
| cisco | aironet_access_point_software | 7.3_base | |
| cisco | aironet_access_point_software | 7.4_base | |
| cisco | aironet_access_point_software | 8.1\(15.14\) | |
| cisco | aironet_access_point_software | 8.1\(112.3\) | |
| cisco | aironet_access_point_software | 8.1\(112.4\) | |
| cisco | aironet_1830e | * | |
| cisco | aironet_1830i | * | |
| cisco | aironet_1850e | * | |
| cisco | aironet_1850i | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:7.2_base:*:*:*:*:*:*:*",
"matchCriteriaId": "AD33ED02-6760-4BD5-9639-BA2F9CCBA01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:7.3_base:*:*:*:*:*:*:*",
"matchCriteriaId": "568B926E-483A-4318-BC50-841668C6B3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:7.4_base:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A4259C-C436-4831-9764-6C7079F51A93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "88453D71-DAF5-4813-9776-5391C31B1006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A187F61E-D4A4-4DF9-93B4-981C4B86F284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A92A6EC5-E47A-4001-A25C-A1043B346EDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FCB522-C9CB-4EEA-9C0C-42A3ED2523C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25D42448-AE53-4832-9D56-5C6172BC2872",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9CB0ED-8596-4576-8243-B3B97A19CEFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6AD90E-0906-4169-A2C9-10D2BF353FB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062."
},
{
"lang": "es",
"value": "Dispositivos Cisco Aironet 1800 con software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4) y 8.1(15.14) tienen una cuenta por defecto, lo que hace que sea m\u00e1s f\u00e1cil para atacantes remotos obtener acceso a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuw58062."
}
],
"id": "CVE-2015-6336",
"lastModified": "2024-11-21T02:34:48.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-15T03:59:08.107",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1034667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034667"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-10 01:59
Modified
2024-11-21 02:46
Severity ?
Summary
Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP packets, aka Bug ID CSCuy55803.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | aironet | * | |
| cisco | aironet_access_point_software | 8.2\(102.43\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF0D9B1-D965-4F28-A8A8-A8E72D80A621",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04549C42-1AFC-48D6-A4BC-9E2CBCF249FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP packets, aka Bug ID CSCuy55803."
},
{
"lang": "es",
"value": "Dispositivos Cisco Access Point con software 8.2(102.43) permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de paquetes ARP manipulados, tambi\u00e9n conocido como Bug ID CSCuy55803."
}
],
"id": "CVE-2016-1419",
"lastModified": "2024-11-21T02:46:24.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-10T01:59:04.020",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1036626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036626"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2015-6320
Vulnerability from cvelistv5
Published
2016-01-15 02:00
Modified
2024-08-06 07:15
Severity ?
EPSS score ?
Summary
The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1034668 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:15:13.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160113 Cisco Aironet 1800 Series Access Point Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet"
},
{
"name": "1034668",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034668"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160113 Cisco Aironet 1800 Series Access Point Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet"
},
{
"name": "1034668",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034668"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160113 Cisco Aironet 1800 Series Access Point Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet"
},
{
"name": "1034668",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034668"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6320",
"datePublished": "2016-01-15T02:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:15:13.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-9221
Vulnerability from cvelistv5
Published
2017-01-26 07:45
Modified
2024-08-06 02:42
Severity ?
EPSS score ?
Summary
A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95631 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Mobility Express 2800 Series and 3800 Series Access Points |
Version: Cisco Mobility Express 2800 Series and 3800 Series Access Points |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:11.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
},
{
"name": "95631",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95631"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Mobility Express 2800 Series and 3800 Series Access Points",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Mobility Express 2800 Series and 3800 Series Access Points"
}
]
}
],
"datePublic": "2017-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-26T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
},
{
"name": "95631",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95631"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-9221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Mobility Express 2800 Series and 3800 Series Access Points",
"version": {
"version_data": [
{
"version_value": "Cisco Mobility Express 2800 Series and 3800 Series Access Points"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
},
{
"name": "95631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95631"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-9221",
"datePublished": "2017-01-26T07:45:00",
"dateReserved": "2016-11-06T00:00:00",
"dateUpdated": "2024-08-06T02:42:11.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0250
Vulnerability from cvelistv5
Published
2018-05-02 22:00
Modified
2024-11-29 15:13
Severity ?
EPSS score ?
Summary
A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). The vulnerability is due to the AP ignoring the ACL download from the client during authentication. An attacker could exploit this vulnerability by connecting to the targeted device with a vulnerable configuration. A successful exploit could allow the attacker to bypass a configured client FlexConnect ACL. This vulnerability affects the following Cisco products if they are running a vulnerable release of Central Web Authentication with FlexConnect Access Points Software: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Note: Central Web Authentication with FlexConnect Access Points was an unsupported configuration until 8.5.100.0. Cisco Bug IDs: CSCve17756.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040818 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Aironet Access Points |
Version: Cisco Aironet Access Points |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040818"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0250",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:38:12.474869Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:13:00.370Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Points",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Aironet Access Points"
}
]
}
],
"datePublic": "2018-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). The vulnerability is due to the AP ignoring the ACL download from the client during authentication. An attacker could exploit this vulnerability by connecting to the targeted device with a vulnerable configuration. A successful exploit could allow the attacker to bypass a configured client FlexConnect ACL. This vulnerability affects the following Cisco products if they are running a vulnerable release of Central Web Authentication with FlexConnect Access Points Software: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Note: Central Web Authentication with FlexConnect Access Points was an unsupported configuration until 8.5.100.0. Cisco Bug IDs: CSCve17756."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-04T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1040818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040818"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Points",
"version": {
"version_data": [
{
"version_value": "Cisco Aironet Access Points"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). The vulnerability is due to the AP ignoring the ACL download from the client during authentication. An attacker could exploit this vulnerability by connecting to the targeted device with a vulnerable configuration. A successful exploit could allow the attacker to bypass a configured client FlexConnect ACL. This vulnerability affects the following Cisco products if they are running a vulnerable release of Central Web Authentication with FlexConnect Access Points Software: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Note: Central Web Authentication with FlexConnect Access Points was an unsupported configuration until 8.5.100.0. Cisco Bug IDs: CSCve17756."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040818"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0250",
"datePublished": "2018-05-02T22:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:13:00.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3552
Vulnerability from cvelistv5
Published
2020-09-24 17:51
Modified
2024-11-13 18:01
Severity ?
EPSS score ?
Summary
A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:23:40.472481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:01:45.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:51:08",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
],
"source": {
"advisory": "cisco-sa-ap-ethport-dos-xtjTt8pY",
"defect": [
[
"CSCvq94716"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3552",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pY"
}
]
},
"source": {
"advisory": "cisco-sa-ap-ethport-dos-xtjTt8pY",
"defect": [
[
"CSCvq94716"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3552",
"datePublished": "2020-09-24T17:51:08.669654Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:01:45.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1419
Vulnerability from cvelistv5
Published
2016-06-10 01:00
Modified
2024-08-05 22:55
Severity ?
EPSS score ?
Summary
Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP packets, aka Bug ID CSCuy55803.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1036626 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160609 Cisco Aironet 3800 Series Access Point Platforms ARP Request Handling Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet"
},
{
"name": "1036626",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036626"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP packets, aka Bug ID CSCuy55803."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-15T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160609 Cisco Aironet 3800 Series Access Point Platforms ARP Request Handling Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet"
},
{
"name": "1036626",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036626"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1419",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP packets, aka Bug ID CSCuy55803."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160609 Cisco Aironet 3800 Series Access Point Platforms ARP Request Handling Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet"
},
{
"name": "1036626",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036626"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1419",
"datePublished": "2016-06-10T01:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1449
Vulnerability from cvelistv5
Published
2021-03-24 20:06
Modified
2024-11-08 23:34
Severity ?
EPSS score ?
Summary
A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco Access Point Software Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1449",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:20:17.500491Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:34:48.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-24T20:06:26",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco Access Point Software Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud"
}
],
"source": {
"advisory": "cisco-sa-ap-privesc-wEVfp8Ud",
"defect": [
[
"CSCvw45507"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Access Point Software Arbitrary Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1449",
"STATE": "PUBLIC",
"TITLE": "Cisco Access Point Software Arbitrary Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco Access Point Software Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud"
}
]
},
"source": {
"advisory": "cisco-sa-ap-privesc-wEVfp8Ud",
"defect": [
[
"CSCvw45507"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1449",
"datePublished": "2021-03-24T20:06:26.339367Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:34:48.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6026
Vulnerability from cvelistv5
Published
2013-03-03 00:00
Modified
2024-08-06 21:21
Severity ?
EPSS score ?
Summary
The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=28436 | x_refsource_CONFIRM | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6026 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:28.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=28436"
},
{
"name": "20130228 Cisco Aironet Access Point Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6026"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-23T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=28436"
},
{
"name": "20130228 Cisco Aironet Access Point Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6026"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-6026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=28436",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=28436"
},
{
"name": "20130228 Cisco Aironet Access Point Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6026"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-6026",
"datePublished": "2013-03-03T00:00:00",
"dateReserved": "2012-11-21T00:00:00",
"dateUpdated": "2024-08-06T21:21:28.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20056
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
EPSS score ?
Summary
A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230322 Cisco Access Point Software Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20056",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:36:14.194265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T16:02:56.470Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-23T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230322 Cisco Access Point Software Denial of Service Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu"
}
],
"source": {
"advisory": "cisco-sa-ap-cli-dos-tc2EKEpu",
"defect": [
[
"CSCwc61122"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Access Point Software Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20056",
"datePublished": "2023-03-23T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T16:02:56.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6361
Vulnerability from cvelistv5
Published
2016-08-22 10:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/92508 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036648 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:19.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
},
{
"name": "92508",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92508"
},
{
"name": "1036648",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036648"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
},
{
"name": "92508",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92508"
},
{
"name": "1036648",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036648"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
},
{
"name": "92508",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92508"
},
{
"name": "1036648",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036648"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6361",
"datePublished": "2016-08-22T10:00:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:19.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-3831
Vulnerability from cvelistv5
Published
2017-03-15 20:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96909 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Mobility Express 1800 Access Point Series |
Version: Cisco Mobility Express 1800 Access Point Series |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96909",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96909"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Mobility Express 1800 Access Point Series",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Mobility Express 1800 Access Point Series"
}
]
}
],
"datePublic": "2017-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "Authentication Bypass Vulnerability CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-16T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "96909",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96909"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Mobility Express 1800 Access Point Series",
"version": {
"version_data": [
{
"version_value": "Cisco Mobility Express 1800 Access Point Series"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Vulnerability CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96909",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96909"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-3831",
"datePublished": "2017-03-15T20:00:00",
"dateReserved": "2016-12-21T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1423
Vulnerability from cvelistv5
Published
2021-03-24 20:20
Modified
2024-11-08 23:30
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:16.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1423",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:47:09.653137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:30:28.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-668",
"description": "CWE-668",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-24T20:20:38",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb"
}
],
"source": {
"advisory": "cisco-sa-ap-foverwrt-HyVXvrtb",
"defect": [
[
"CSCvu98274"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1423",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.4",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-668"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb"
}
]
},
"source": {
"advisory": "cisco-sa-ap-foverwrt-HyVXvrtb",
"defect": [
[
"CSCvu98274"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1423",
"datePublished": "2021-03-24T20:20:38.878927Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:30:28.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6336
Vulnerability from cvelistv5
Published
2016-01-15 02:00
Modified
2024-08-06 07:15
Severity ?
EPSS score ?
Summary
Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1034667 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:15:13.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160113 Cisco Aironet 1800 Series Access Point Default Static Account Credentials Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air"
},
{
"name": "1034667",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034667"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160113 Cisco Aironet 1800 Series Access Point Default Static Account Credentials Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air"
},
{
"name": "1034667",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160113 Cisco Aironet 1800 Series Access Point Default Static Account Credentials Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air"
},
{
"name": "1034667",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6336",
"datePublished": "2016-01-15T02:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:15:13.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1439
Vulnerability from cvelistv5
Published
2021-03-24 20:05
Modified
2024-11-08 23:35
Severity ?
EPSS score ?
Summary
A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS traffic. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device through a wireless network that is configured in FlexConnect local switching mode or through a wired network on a configured mDNS VLAN. A successful exploit could allow the attacker to cause the access point (AP) to reboot, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-mdns-dos-E6KwYuMx | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software (IOS XE Controller) |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco Aironet Access Points FlexConnect Multicast DNS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-mdns-dos-E6KwYuMx"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:47:52.982116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:35:37.324Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software (IOS XE Controller)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS traffic. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device through a wireless network that is configured in FlexConnect local switching mode or through a wired network on a configured mDNS VLAN. A successful exploit could allow the attacker to cause the access point (AP) to reboot, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-24T20:05:59",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco Aironet Access Points FlexConnect Multicast DNS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-mdns-dos-E6KwYuMx"
}
],
"source": {
"advisory": "cisco-sa-aironet-mdns-dos-E6KwYuMx",
"defect": [
[
"CSCvw63560"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points FlexConnect Multicast DNS Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1439",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points FlexConnect Multicast DNS Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software (IOS XE Controller)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS traffic. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device through a wireless network that is configured in FlexConnect local switching mode or through a wired network on a configured mDNS VLAN. A successful exploit could allow the attacker to cause the access point (AP) to reboot, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco Aironet Access Points FlexConnect Multicast DNS Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-mdns-dos-E6KwYuMx"
}
]
},
"source": {
"advisory": "cisco-sa-aironet-mdns-dos-E6KwYuMx",
"defect": [
[
"CSCvw63560"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1439",
"datePublished": "2021-03-24T20:05:59.562754Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:35:37.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34740
Vulnerability from cvelistv5
Published
2021-09-23 02:26
Modified
2024-11-07 21:58
Severity ?
EPSS score ?
Summary
A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.125Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34740",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:40:33.671746Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:58:19.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:26:41",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"
}
],
"source": {
"advisory": "cisco-sa-airo-wpa-pktleak-dos-uSTyGrL",
"defect": [
[
"CSCvu98674"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-34740",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-401"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"
}
]
},
"source": {
"advisory": "cisco-sa-airo-wpa-pktleak-dos-uSTyGrL",
"defect": [
[
"CSCvu98674"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34740",
"datePublished": "2021-09-23T02:26:41.933546Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:58:19.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20622
Vulnerability from cvelistv5
Published
2022-04-15 14:17
Modified
2024-11-06 16:25
Severity ?
EPSS score ?
Summary
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:17:52.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220413 Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:42.285519Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:25:12.614Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-15T14:17:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220413 Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ"
}
],
"source": {
"advisory": "cisco-sa-ap-ip-flood-dos-6hxxENVQ",
"defect": [
[
"CSCvx88847"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-04-13T16:00:00",
"ID": "CVE-2022-20622",
"STATE": "PUBLIC",
"TITLE": "Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220413 Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ"
}
]
},
"source": {
"advisory": "cisco-sa-ap-ip-flood-dos-6hxxENVQ",
"defect": [
[
"CSCvx88847"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20622",
"datePublished": "2022-04-15T14:17:04.918191Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:25:12.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3559
Vulnerability from cvelistv5
Published
2020-09-24 17:51
Modified
2024-11-13 18:01
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3559",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:23:42.435777Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:01:53.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:51:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
],
"source": {
"advisory": "cisco-sa-aironet-dos-h3DCuLXw",
"defect": [
[
"CSCvr68273"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3559",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-h3DCuLXw"
}
]
},
"source": {
"advisory": "cisco-sa-aironet-dos-h3DCuLXw",
"defect": [
[
"CSCvr68273"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3559",
"datePublished": "2020-09-24T17:51:04.117021Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:01:53.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6367
Vulnerability from cvelistv5
Published
2015-11-14 02:00
Modified
2024-08-06 07:22
Severity ?
EPSS score ?
Summary
Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1034157 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:22:20.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20151113 Cisco Aironet 1800 Series Access Point SSHv2 Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet"
},
{
"name": "1034157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034157"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T22:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20151113 Cisco Aironet 1800 Series Access Point SSHv2 Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet"
},
{
"name": "1034157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034157"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20151113 Cisco Aironet 1800 Series Access Point SSHv2 Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet"
},
{
"name": "1034157",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034157"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6367",
"datePublished": "2015-11-14T02:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:22:20.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20097
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230322 Cisco Access Point Software Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:36:03.962449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T16:02:19.565Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-23T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230322 Cisco Access Point Software Command Injection Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8"
}
],
"source": {
"advisory": "cisco-sa-aironetap-cmdinj-6bjT4FL8",
"defect": [
[
"CSCwc70131"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Access Point Software Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20097",
"datePublished": "2023-03-23T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T16:02:19.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0234
Vulnerability from cvelistv5
Published
2018-05-02 22:00
Modified
2024-11-29 15:13
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Generic Routing Encapsulation (GRE) frames that pass through the data plane of an affected access point. An attacker could exploit this vulnerability by initiating a PPTP connection to an affected access point from a device that is registered to the same wireless network as the access point and sending a malicious GRE frame through the data plane of the access point. A successful exploit could allow the attacker to cause the NSS core process on the affected access point to crash, which would cause the access point to reload and result in a DoS condition. This vulnerability affects Cisco Aironet 1810, 1830, and 1850 Series Access Points that are running Cisco Mobility Express Software Release 8.4.100.0, 8.5.103.0, or 8.5.105.0 and are configured as a master, subordinate, or standalone access point. Cisco Bug IDs: CSCvf73890.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-ptp | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104081 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1040820 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Aironet 1810, 1830, and 1850 Series Access Points |
Version: Cisco Aironet 1810, 1830, and 1850 Series Access Points |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-ptp"
},
{
"name": "104081",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104081"
},
{
"name": "1040820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040820"
},
{
"name": "20191016 Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0234",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:44:15.441258Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:13:47.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet 1810, 1830, and 1850 Series Access Points",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Aironet 1810, 1830, and 1850 Series Access Points"
}
]
}
],
"datePublic": "2018-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Generic Routing Encapsulation (GRE) frames that pass through the data plane of an affected access point. An attacker could exploit this vulnerability by initiating a PPTP connection to an affected access point from a device that is registered to the same wireless network as the access point and sending a malicious GRE frame through the data plane of the access point. A successful exploit could allow the attacker to cause the NSS core process on the affected access point to crash, which would cause the access point to reload and result in a DoS condition. This vulnerability affects Cisco Aironet 1810, 1830, and 1850 Series Access Points that are running Cisco Mobility Express Software Release 8.4.100.0, 8.5.103.0, or 8.5.105.0 and are configured as a master, subordinate, or standalone access point. Cisco Bug IDs: CSCvf73890."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-16T18:06:10",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-ptp"
},
{
"name": "104081",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104081"
},
{
"name": "1040820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040820"
},
{
"name": "20191016 Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet 1810, 1830, and 1850 Series Access Points",
"version": {
"version_data": [
{
"version_value": "Cisco Aironet 1810, 1830, and 1850 Series Access Points"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Generic Routing Encapsulation (GRE) frames that pass through the data plane of an affected access point. An attacker could exploit this vulnerability by initiating a PPTP connection to an affected access point from a device that is registered to the same wireless network as the access point and sending a malicious GRE frame through the data plane of the access point. A successful exploit could allow the attacker to cause the NSS core process on the affected access point to crash, which would cause the access point to reload and result in a DoS condition. This vulnerability affects Cisco Aironet 1810, 1830, and 1850 Series Access Points that are running Cisco Mobility Express Software Release 8.4.100.0, 8.5.103.0, or 8.5.105.0 and are configured as a master, subordinate, or standalone access point. Cisco Bug IDs: CSCvf73890."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-ptp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-ptp"
},
{
"name": "104081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104081"
},
{
"name": "1040820",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040820"
},
{
"name": "20191016 Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0234",
"datePublished": "2018-05-02T22:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:13:47.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6363
Vulnerability from cvelistv5
Published
2016-08-22 10:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036645 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/92511 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:19.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036645"
},
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms 802.11 Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2"
},
{
"name": "92511",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1036645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036645"
},
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms 802.11 Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2"
},
{
"name": "92511",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92511"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036645",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036645"
},
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms 802.11 Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2"
},
{
"name": "92511",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92511"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6363",
"datePublished": "2016-08-22T10:00:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:19.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3560
Vulnerability from cvelistv5
Published
2020-09-24 17:50
Modified
2024-11-13 18:02
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:51.980714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:02:03.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:50:59",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
],
"source": {
"advisory": "cisco-sa-aironet-dos-VHr2zG9y",
"defect": [
[
"CSCvr85609",
"CSCvr85614"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3560",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-dos-VHr2zG9y"
}
]
},
"source": {
"advisory": "cisco-sa-aironet-dos-VHr2zG9y",
"defect": [
[
"CSCvr85609",
"CSCvr85614"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3560",
"datePublished": "2020-09-24T17:50:59.499854Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:02:03.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0247
Vulnerability from cvelistv5
Published
2018-05-02 22:00
Modified
2024-11-29 15:13
Severity ?
EPSS score ?
Summary
A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of authentication for WebAuth clients in a specific configuration. An attacker could exploit this vulnerability by sending traffic to local network resources without having gone through authentication. A successful exploit could allow the attacker to bypass authentication and pass traffic. This affects Cisco Aironet Access Points running Cisco IOS Software and Cisco Wireless LAN Controller (WLC) releases prior to 8.5.110.0 for the following specific WLC configuration only: (1) The Access Point (AP) is configured in FlexConnect Mode with NAT. (2) The WLAN is configured for central switching, meaning the client is being assigned a unique IP address. (3) The AP is configured with a Split Tunnel access control list (ACL) for access to local network resources, meaning the AP is doing the NAT on the connection. (4) The client is using WebAuth. This vulnerability does not apply to .1x clients in the same configuration. Cisco Bug IDs: CSCvc79502, CSCvf71789.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104087 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1040815 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1040814 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Wireless LAN Controller and Aironet Access Points |
Version: Cisco Wireless LAN Controller and Aironet Access Points |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104087",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104087"
},
{
"name": "1040815",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040815"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth"
},
{
"name": "1040814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040814"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:38:16.700940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:13:20.271Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless LAN Controller and Aironet Access Points",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Wireless LAN Controller and Aironet Access Points"
}
]
}
],
"datePublic": "2018-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of authentication for WebAuth clients in a specific configuration. An attacker could exploit this vulnerability by sending traffic to local network resources without having gone through authentication. A successful exploit could allow the attacker to bypass authentication and pass traffic. This affects Cisco Aironet Access Points running Cisco IOS Software and Cisco Wireless LAN Controller (WLC) releases prior to 8.5.110.0 for the following specific WLC configuration only: (1) The Access Point (AP) is configured in FlexConnect Mode with NAT. (2) The WLAN is configured for central switching, meaning the client is being assigned a unique IP address. (3) The AP is configured with a Split Tunnel access control list (ACL) for access to local network resources, meaning the AP is doing the NAT on the connection. (4) The client is using WebAuth. This vulnerability does not apply to .1x clients in the same configuration. Cisco Bug IDs: CSCvc79502, CSCvf71789."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-08T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "104087",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104087"
},
{
"name": "1040815",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040815"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth"
},
{
"name": "1040814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040814"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless LAN Controller and Aironet Access Points",
"version": {
"version_data": [
{
"version_value": "Cisco Wireless LAN Controller and Aironet Access Points"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of authentication for WebAuth clients in a specific configuration. An attacker could exploit this vulnerability by sending traffic to local network resources without having gone through authentication. A successful exploit could allow the attacker to bypass authentication and pass traffic. This affects Cisco Aironet Access Points running Cisco IOS Software and Cisco Wireless LAN Controller (WLC) releases prior to 8.5.110.0 for the following specific WLC configuration only: (1) The Access Point (AP) is configured in FlexConnect Mode with NAT. (2) The WLAN is configured for central switching, meaning the client is being assigned a unique IP address. (3) The AP is configured with a Split Tunnel access control list (ACL) for access to local network resources, meaning the AP is doing the NAT on the connection. (4) The client is using WebAuth. This vulnerability does not apply to .1x clients in the same configuration. Cisco Bug IDs: CSCvc79502, CSCvf71789."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104087",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104087"
},
{
"name": "1040815",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040815"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-auth"
},
{
"name": "1040814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040814"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0247",
"datePublished": "2018-05-02T22:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:13:20.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6362
Vulnerability from cvelistv5
Published
2016-08-22 10:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036644 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92513 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:19.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036644"
},
{
"name": "92513",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92513"
},
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms CLI Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1036644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036644"
},
{
"name": "92513",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92513"
},
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms CLI Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036644",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036644"
},
{
"name": "92513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92513"
},
{
"name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms CLI Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6362",
"datePublished": "2016-08-22T10:00:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:19.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-9220
Vulnerability from cvelistv5
Published
2017-01-26 07:45
Modified
2024-08-06 02:42
Severity ?
EPSS score ?
Summary
A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95633 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Mobility Express 2800 and 3800 |
Version: Cisco Mobility Express 2800 and 3800 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:11.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1"
},
{
"name": "95633",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95633"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Mobility Express 2800 and 3800",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Mobility Express 2800 and 3800"
}
]
}
],
"datePublic": "2017-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-26T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1"
},
{
"name": "95633",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95633"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-9220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Mobility Express 2800 and 3800",
"version": {
"version_data": [
{
"version_value": "Cisco Mobility Express 2800 and 3800"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1"
},
{
"name": "95633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95633"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-9220",
"datePublished": "2017-01-26T07:45:00",
"dateReserved": "2016-11-06T00:00:00",
"dateUpdated": "2024-08-06T02:42:11.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1437
Vulnerability from cvelistv5
Published
2021-03-24 20:05
Modified
2024-11-08 23:35
Severity ?
EPSS score ?
Summary
A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sending a specific TFTP request to an affected device. A successful exploit could allow the attacker to download any file from the filesystem of the affected access point (AP).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Aironet Access Point Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco Aironet Access Points FlexConnect Upgrade Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:03:34.816994Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:35:47.063Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet Access Point Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sending a specific TFTP request to an affected device. A successful exploit could allow the attacker to download any file from the filesystem of the affected access point (AP)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-275",
"description": "CWE-275",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-24T20:05:54",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco Aironet Access Points FlexConnect Upgrade Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj"
}
],
"source": {
"advisory": "cisco-sa-aironet-info-disc-BfWqghj",
"defect": [
[
"CSCvv91666"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Aironet Access Points FlexConnect Upgrade Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1437",
"STATE": "PUBLIC",
"TITLE": "Cisco Aironet Access Points FlexConnect Upgrade Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet Access Point Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sending a specific TFTP request to an affected device. A successful exploit could allow the attacker to download any file from the filesystem of the affected access point (AP)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-275"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco Aironet Access Points FlexConnect Upgrade Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj"
}
]
},
"source": {
"advisory": "cisco-sa-aironet-info-disc-BfWqghj",
"defect": [
[
"CSCvv91666"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1437",
"datePublished": "2021-03-24T20:05:54.399456Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:35:47.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0249
Vulnerability from cvelistv5
Published
2018-05-02 22:00
Modified
2024-11-29 15:13
Severity ?
EPSS score ?
Summary
A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. A successful exploit could prevent new clients from joining the AP. The vulnerability is due to incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this vulnerability by sending a malformed stream of 802.11 Association Requests to the local interface of the targeted device. A successful exploit could allow the attacker to cause a DoS situation on an affected system, causing new client 802.11 Association Requests to fail. This vulnerability affects the following Cisco products: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Cisco Bug IDs: CSCvg02116.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040816 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Aironet 1800 Series Access Point |
Version: Cisco Aironet 1800 Series Access Point |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.726Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040816",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040816"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0249",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:38:14.878081Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:13:11.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Aironet 1800 Series Access Point",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Aironet 1800 Series Access Point"
}
]
}
],
"datePublic": "2018-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. A successful exploit could prevent new clients from joining the AP. The vulnerability is due to incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this vulnerability by sending a malformed stream of 802.11 Association Requests to the local interface of the targeted device. A successful exploit could allow the attacker to cause a DoS situation on an affected system, causing new client 802.11 Association Requests to fail. This vulnerability affects the following Cisco products: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Cisco Bug IDs: CSCvg02116."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-04T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1040816",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040816"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0249",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Aironet 1800 Series Access Point",
"version": {
"version_data": [
{
"version_value": "Cisco Aironet 1800 Series Access Point"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. A successful exploit could prevent new clients from joining the AP. The vulnerability is due to incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this vulnerability by sending a malformed stream of 802.11 Association Requests to the local interface of the targeted device. A successful exploit could allow the attacker to cause a DoS situation on an affected system, causing new client 802.11 Association Requests to fail. This vulnerability affects the following Cisco products: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Cisco Bug IDs: CSCvg02116."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040816",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040816"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0249",
"datePublished": "2018-05-02T22:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:13:11.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6315
Vulnerability from cvelistv5
Published
2015-10-13 00:00
Modified
2024-08-06 07:15
Severity ?
EPSS score ?
Summary
Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1033746 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:15:13.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20151005 Cisco Aironet 1850 Access Point Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet"
},
{
"name": "1033746",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033746"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20151005 Cisco Aironet 1850 Access Point Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet"
},
{
"name": "1033746",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033746"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20151005 Cisco Aironet 1850 Access Point Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet"
},
{
"name": "1033746",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033746"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6315",
"datePublished": "2015-10-13T00:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:15:13.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}