cnvd - cnvd-2019-01902

CNVD-2019-01902

Vulnerability from cnvd - Published: 2019-01-18

Title

多款Cisco产品Mobility Express Software拒绝服务漏洞

Description

Cisco Aironet 1560 Series Access Point等都是美国思科（Cisco）公司的无线接入点设备。 Mobility Express（ME）Software是运行在其中的一套管理控制软件。多款Cisco产品中的ME Software存在安全漏洞。物理位置邻近的攻击者可利用该漏洞造成拒绝服务。

Severity

中

Patch Name

多款Cisco产品Mobility Express Software拒绝服务漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh21953

Reference

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh21953

Impacted products

Name
['Cisco Aironet 3800 Series Access Point', 'Cisco Aironet 2800 Series Access Point', 'Cisco Aironet 1800 Series Access Points', 'Cisco Aironet 1560 Series Access Point']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "105685"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0381",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0381"
    }
  },
  "description": "Cisco Aironet 1560 Series Access Point\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u65e0\u7ebf\u63a5\u5165\u70b9\u8bbe\u5907\u3002\nMobility Express\uff08ME\uff09Software\u662f\u8fd0\u884c\u5728\u5176\u4e2d\u7684\u4e00\u5957\u7ba1\u7406\u63a7\u5236\u8f6f\u4ef6\u3002\n\n\u591a\u6b3eCisco\u4ea7\u54c1\u4e2d\u7684ME Software\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u7269\u7406\u4f4d\u7f6e\u90bb\u8fd1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh21953",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-01902",
  "openTime": "2019-01-18",
  "patchDescription": "Cisco Aironet 1560 Series Access Point\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u65e0\u7ebf\u63a5\u5165\u70b9\u8bbe\u5907\u3002\r\nMobility Express\uff08ME\uff09Software\u662f\u8fd0\u884c\u5728\u5176\u4e2d\u7684\u4e00\u5957\u7ba1\u7406\u63a7\u5236\u8f6f\u4ef6\u3002\r\n\r\n\u591a\u6b3eCisco\u4ea7\u54c1\u4e2d\u7684ME Software\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u7269\u7406\u4f4d\u7f6e\u90bb\u8fd1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eCisco\u4ea7\u54c1Mobility Express Software\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Aironet 3800 Series Access Point",
      "Cisco Aironet 2800 Series Access Point",
      "Cisco Aironet 1800 Series Access Points",
      "Cisco Aironet 1560 Series Access Point"
    ]
  },
  "referenceLink": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh21953",
  "serverity": "\u4e2d",
  "submitTime": "2018-10-19",
  "title": "\u591a\u6b3eCisco\u4ea7\u54c1Mobility Express Software\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2018-0381 (GCVE-0-2018-0381)

Vulnerability from cvelistv5 – Published: 2018-10-17 22:00 – Updated: 2024-11-26 14:24

Title

Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability

Summary

A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts.

Severity ?

5.8 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id/1041929	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/105685	vdb-entryx_refsource_BID
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Aironet Access Points	Affected: 8.2 Affected: 8.3 Affected: 8.5 Affected: 8.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041929",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041929"
          },
          {
            "name": "105685",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105685"
          },
          {
            "name": "20181017 Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0381",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:47:33.199764Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:24:47.453Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Aironet Access Points",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "8.2"
            },
            {
              "status": "affected",
              "version": "8.3"
            },
            {
              "status": "affected",
              "version": "8.5"
            },
            {
              "status": "affected",
              "version": "8.7"
            }
          ]
        }
      ],
      "datePublic": "2018-10-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-23T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1041929",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041929"
        },
        {
          "name": "105685",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105685"
        },
        {
          "name": "20181017 Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181017-aironet-dos",
        "defect": [
          [
            "CSCvh21953"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-17T16:00:00-0500",
          "ID": "CVE-2018-0381",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Aironet Access Points",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.2"
                          },
                          {
                            "version_value": "8.3"
                          },
                          {
                            "version_value": "8.5"
                          },
                          {
                            "version_value": "8.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041929",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041929"
            },
            {
              "name": "105685",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105685"
            },
            {
              "name": "20181017 Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181017-aironet-dos",
          "defect": [
            [
              "CSCvh21953"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0381",
    "datePublished": "2018-10-17T22:00:00Z",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-26T14:24:47.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-01902

CVE-2018-0381 (GCVE-0-2018-0381)

Tags

Sightings

Nomenclature