CVE-2019-1826Improper Input Validation in Cisco Aironet Access Point Software

CWE-20Improper Input Validation4 documents4 sources
Severity
5.7MEDIUMNVD
CNA6.8
EPSS
0.1%
top 67.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Aironet Access Point SoftwareCisco Aironet Access Point Firmware
Timeline
PublishedApr 18
Latest updateMay 13

Description

A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation on QoS fields within Wi-Fi frames by the affected device. An attacker could exploit this vulnerability by sending malformed Wi-Fi frames to an affected device. A successful exploit could allow the attacker to cause the affected de

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.1 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-72jx-gchv-4v87: A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to2022-05-13
CVEList
Cisco Aironet Series Access Points Quality of Service Denial of Service Vulnerability2019-04-18

📋Vendor Advisories

1
Cisco
Cisco Aironet Series Access Points Quality of Service Denial of Service Vulnerability2019-04-17