cve-2017-3831
Vulnerability from cvelistv5
Published
2017-03-15 20:00
Modified
2024-08-05 14:39
Severity ?
Summary
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/96909Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/96909Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800Vendor Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:41.294Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "96909",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96909"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Mobility Express 1800 Access Point Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Mobility Express 1800 Access Point Series"
            }
          ]
        }
      ],
      "datePublic": "2017-03-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "Authentication Bypass Vulnerability CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-16T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "96909",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96909"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-3831",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Mobility Express 1800 Access Point Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Mobility Express 1800 Access Point Series"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass Vulnerability CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "96909",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96909"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-3831",
    "datePublished": "2017-03-15T20:00:00",
    "dateReserved": "2016-12-21T00:00:00",
    "dateUpdated": "2024-08-05T14:39:41.294Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:aironet_access_point_software:8.1\\\\(15.14\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88453D71-DAF5-4813-9776-5391C31B1006\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:aironet_access_point_software:8.1\\\\(112.3\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A187F61E-D4A4-4DF9-93B4-981C4B86F284\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:aironet_access_point_software:8.1\\\\(112.4\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A92A6EC5-E47A-4001-A25C-A1043B346EDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:aironet_access_point_software:8.1\\\\(131.0\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAE1697B-74D9-4416-AFBA-EAD5C0E5A6E2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36F923CF-D4EB-48F8-821D-8BB3A69ABB62\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"207DC80E-499C-4CA3-8A88-F027DBC64CCF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4590D445-B4B6-48E6-BF55-BEA6BA763410\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"848CC5CD-1982-4F31-A626-BD567E1C19F0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24E47788-9B54-42C5-AD83-428B22674575\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A333CD0B-4729-4E64-8B52-A3F5138F5B70\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la interfaz gr\\u00e1fica de usuario basada en web de los puntos de acceso Cisco Mobility Express serie 1800 podr\\u00eda permitir a un atacante remoto no autenticado eludir la autenticaci\\u00f3n. El atacante podr\\u00eda tener privilegios completos de administrador. La vulnerabilidad se debe a la implementaci\\u00f3n incorrecta de la autenticaci\\u00f3n para acceder a determinadas p\\u00e1ginas web a trav\\u00e9s de la interfaz GUI. Un atacante podr\\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz web del sistema afectado. Una explotaci\\u00f3n exitosa podr\\u00eda permitir al atacante eludir la autenticaci\\u00f3n y realizar cambios de configuraci\\u00f3n no autorizados o mandar comandos de control al dispositivo afectado. Esta vulnerabilidad afecta a los puntos de acceso Cisco Mobility Express Serie 1800 que ejecutan una versi\\u00f3n de software anterior a 8.2.110.0. ID de errores de Cisco: CSCuy68219.\"}]",
      "id": "CVE-2017-3831",
      "lastModified": "2024-11-21T03:26:12.140",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-03-15T20:59:00.193",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/96909\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/96909\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-3831\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2017-03-15T20:59:00.193\",\"lastModified\":\"2024-11-21T03:26:12.140\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la interfaz gr\u00e1fica de usuario basada en web de los puntos de acceso Cisco Mobility Express serie 1800 podr\u00eda permitir a un atacante remoto no autenticado eludir la autenticaci\u00f3n. El atacante podr\u00eda tener privilegios completos de administrador. La vulnerabilidad se debe a la implementaci\u00f3n incorrecta de la autenticaci\u00f3n para acceder a determinadas p\u00e1ginas web a trav\u00e9s de la interfaz GUI. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz web del sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir la autenticaci\u00f3n y realizar cambios de configuraci\u00f3n no autorizados o mandar comandos de control al dispositivo afectado. Esta vulnerabilidad afecta a los puntos de acceso Cisco Mobility Express Serie 1800 que ejecutan una versi\u00f3n de software anterior a 8.2.110.0. ID de errores de Cisco: CSCuy68219.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_access_point_software:8.1\\\\(15.14\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88453D71-DAF5-4813-9776-5391C31B1006\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_access_point_software:8.1\\\\(112.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A187F61E-D4A4-4DF9-93B4-981C4B86F284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_access_point_software:8.1\\\\(112.4\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A92A6EC5-E47A-4001-A25C-A1043B346EDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_access_point_software:8.1\\\\(131.0\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAE1697B-74D9-4416-AFBA-EAD5C0E5A6E2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36F923CF-D4EB-48F8-821D-8BB3A69ABB62\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"207DC80E-499C-4CA3-8A88-F027DBC64CCF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4590D445-B4B6-48E6-BF55-BEA6BA763410\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"848CC5CD-1982-4F31-A626-BD567E1C19F0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24E47788-9B54-42C5-AD83-428B22674575\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A333CD0B-4729-4E64-8B52-A3F5138F5B70\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/96909\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96909\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.