{"containers": {"cna": {"affected": [{"product": "Cisco Aironet Access Point Software ", "vendor": "Cisco", "versions": [{"status": "affected", "version": "8.5(131.0)"}]}], "datePublic": "2019-04-17T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is connected has port security configured. The vulnerability exists because the AP forwards some malformed wireless client packets outside of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel. An attacker could exploit this vulnerability by sending crafted wireless packets to an affected AP. A successful exploit could allow the attacker to trigger a security violation on the adjacent switch port, which could result in a DoS condition. Note: Though the Common Vulnerability Scoring System (CVSS) score corresponds to a High Security Impact Rating (SIR), this vulnerability is considered Medium because a workaround is available and exploitation requires a specific switch configuration. There are workarounds that address this vulnerability."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-04-19T06:06:05", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20190417 Cisco Aironet Series Access Points Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-air-ap-dos"}, {"name": "108000", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/108000"}], "source": {"advisory": "cisco-sa-20190417-air-ap-dos", "defect": [["CSCvj96316", "CSCvm97169"]], "discovery": "INTERNAL"}, "title": "Cisco Aironet Series Access Points Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-04-17T16:00:00-0700", "ID": "CVE-2019-1834", "STATE": "PUBLIC", "TITLE": "Cisco Aironet Series Access Points Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Aironet Access Point Software ", "version": {"version_data": [{"version_value": "8.5(131.0)"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is connected has port security configured. The vulnerability exists because the AP forwards some malformed wireless client packets outside of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel. An attacker could exploit this vulnerability by sending crafted wireless packets to an affected AP. A successful exploit could allow the attacker to trigger a security violation on the adjacent switch port, which could result in a DoS condition. Note: Though the Common Vulnerability Scoring System (CVSS) score corresponds to a High Security Impact Rating (SIR), this vulnerability is considered Medium because a workaround is available and exploitation requires a specific switch configuration. There are workarounds that address this vulnerability."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "impact": {"cvss": {"baseScore": "7.4", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20190417 Cisco Aironet Series Access Points Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-air-ap-dos"}, {"name": "108000", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108000"}]}, "source": {"advisory": "cisco-sa-20190417-air-ap-dos", "defect": [["CSCvj96316", "CSCvm97169"]], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1834", "datePublished": "2019-04-17T00:00:00", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2019-04-19T06:06:05", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:aironet_access_point_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "157DEA4D-54A7-4F7C-BC6E-13FE00085969", "versionEndExcluding": "8.5.140.0", "versionStartIncluding": "8.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:aironet_access_point_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "916CC4E1-D614-4581-8AF7-CF90065E9987", "versionEndExcluding": "8.8.111.0", "versionStartIncluding": "8.6.101.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:aironet_access_point_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B2526AD-442E-4AD4-8596-60FB062CAE48", "versionEndExcluding": "8.9.100.0", "versionStartIncluding": "8.8.120.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*", "matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*", "matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*", "matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*", "matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*", "matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:aironet_access_point_firmware:8.5\\(131.0\\):*:*:*:*:*:*:*", "matchCriteriaId": "FDAB7C18-98CB-4269-AED2-79FCEA30A679", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*", "matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*", "matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is connected has port security configured. The vulnerability exists because the AP forwards some malformed wireless client packets outside of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel. An attacker could exploit this vulnerability by sending crafted wireless packets to an affected AP. A successful exploit could allow the attacker to trigger a security violation on the adjacent switch port, which could result in a DoS condition. Note: Though the Common Vulnerability Scoring System (CVSS) score corresponds to a High Security Impact Rating (SIR), this vulnerability is considered Medium because a workaround is available and exploitation requires a specific switch configuration. There are workarounds that address this vulnerability."}, {"lang": "es", "value": "Una vulnerabilidad en el procesamiento interno de paquetes de Aironet Series Access Points (APs) de Cisco, podr\u00eda permitir que un atacante no identificado localmente genere una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo AP afectado si la interfaz del conmutador donde est\u00e1 conectado el dispositivo AP tiene una seguridad de puerto configurada. La vulnerabilidad existe porque el AP corre en algunos paquetes del cliente de red inal\u00e1mbrica malformados fuera del control y del aprovisionamiento del t\u00fanel de los puntos de acceso inal\u00e1mbricos (CAPWAP). Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes inal\u00e1mbricos creados a un dispositivo AP afectado. Una operaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante desencadenar una violaci\u00f3n de seguridad en el puerto del switch adyacente, lo que podr\u00eda resultar en una condici\u00f3n de DoS. Nota: aunque la puntuaci\u00f3n del sistema com\u00fan de puntuaci\u00f3n de vulnerabilidad (CVSS) corresponde a una clasificaci\u00f3n de impacto de alta seguridad (SIR), esta vulnerabilidad se considera Media porque hay una soluci\u00f3n disponible y la explotaci\u00f3n requiere una configuraci\u00f3n de conmutador espec\u00edfica. Hay soluciones que abordan esta vulnerabilidad."}], "id": "CVE-2019-1834", "lastModified": "2019-10-09T23:48:17.253", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2019-04-18T02:29:05.843", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/108000"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-air-ap-dos"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}