CVE-2019-1920
published 2019-07-17CVE-2019-1920: A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker…
high7.4CVSS 3.1
AVAACLPRNUINSCCNINAH
A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling condition for client authentication requests sent to a targeted interface configured for FT. An attacker could exploit this vulnerability by sending crafted authentication request traffic to the targeted interface, causing the device to restart unexpectedly.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | access_points | < 8.2.170.0 | 8.2.170.0 |
| cisco | access_points | >= 8.3 < 8.3.150.0 | 8.3.150.0 |
| cisco | access_points | >= 8.4 < 8.5.131.0 | 8.5.131.0 |
| cisco | access_points | >= 8.6 < 8.8.100.0 | 8.8.100.0 |
| cisco | aironet_3700e_firmware | — | — |
| cisco | aironet_3700e_firmware | — | — |
| cisco | aironet_3700i_firmware | — | — |
| cisco | aironet_3700i_firmware | — | — |
| cisco | aironet_3700p_firmware | — | — |
| cisco | aironet_3700p_firmware | — | — |
| cisco | cisco_aironet_access_point_software | >= unspecified < 8.8.100.0 | 8.8.100.0 |
| cisco | ios_access_points | — | — |