CVE-2019-1834Improper Input Validation in Cisco Aironet Access Point Firmware

CWE-20Improper Input Validation4 documents4 sources
Severity
6.5MEDIUMNVD
CNA7.4
EPSS
0.2%
top 59.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Aironet Access Point FirmwareCisco Aironet Access Point Software
Timeline
PublishedApr 18
Latest updateMay 13

Description

A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is connected has port security configured. The vulnerability exists because the AP forwards some malformed wireless client packets outside of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel. An attacker could exploit this vulnerabili

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDcisco/aironet_access_point_firmware8.58.5.140.0+3

🔴Vulnerability Details

2
GHSA
GHSA-mvvv-8xrh-cv67: A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cau2022-05-13
CVEList
Cisco Aironet Series Access Points Denial of Service Vulnerability2019-04-18

📋Vendor Advisories

1
Cisco
Cisco Aironet Series Access Points Denial of Service Vulnerability2019-04-17
CVE-2019-1834 — Improper Input Validation in Cisco | cvebase