{"id": "JVN:71263107", "vendorId": null, "type": "jvn", "bulletinFamily": "info", "title": "JVN#71263107: Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points", "description": "Cisco Small Business Series Wireless Access Points provided by Cisco Systems, Inc. contain multiple vulnerabilities listed below.\n\n**Improper access control ([CWE-284](<https://cwe.mitre.org/data/definitions/284.html>))** \\- CVE-2021-1400 \n\nVersion| Vector| Score \n---|---|--- \nCVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| **Base Score: 8.8** \nCVSS v2| AV:N/AC:L/Au:S/C:C/I:C/A:C| **Base Score: 9.0** \n \n**Command injection ([CWE-78](<https://cwe.mitre.org/data/definitions/78.html>))** \\- CVE-2021-1401 \n\nVersion| Vector| Score \n---|---|--- \nCVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N| **Base Score: 5.5** \nCVSS v2| AV:N/AC:M/Au:S/C:C/I:P/A:N| **Base Score: 7.0**\n\n ## Impact\n\nThe impacts may vary depending on the vulnerabilities, however, the followings are the possible impacts if an attacker who can access the affected device sends a specially crafted HTTP request to the administrative web interface of the device;\n\n * Impersonate a user including an administrator - CVE-2021-1400\n * An arbitrary command may be executed with the administrative privilege of the device - CVE-2021-1401\n\n ## Solution\n\n**Update the firmware** \nApply the appropriate firmware update according to the information provided by the developer.\n\n ## Products Affected\n\n * WAP125 Wireless-AC Dual Band Desktop Access Point with PoE 1.0.3.1 and earlier\n * WAP131 Wireless-N Dual Radio Access Point with PoE 1.0.2.17 and earlier\n * WAP150 Wireless-AC/N Dual Radio Access Point with PoE 1.1.2.4 and earlier\n * WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch 1.0.2.17 and earlier\n * WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE 1.1.2.4 and earlier\n * WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN 1.0.3.1 and earlier\nThe developer states that WAP131 Wireless-N Dual Radio Access Point with PoE and WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch are no longer supported (End-of-Life, EOL). For details, refer to [the information provided by the developer](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-ZAfKGXhF#fs>).\n", "published": "2021-05-14T00:00:00", "modified": "2021-05-14T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "http://jvn.jp/en/jp/JVN71263107/index.html", "reporter": "Japan Vulnerability Notes", "references": [], "cvelist": ["CVE-2021-1400", "CVE-2021-1401"], "immutableFields": [], "lastseen": "2021-12-28T23:20:11", "viewCount": 41, "enchantments": {"dependencies": {"references": [{"type": "cisco", "idList": ["CISCO-SA-SB-WAP-MULTI-ZAFKGXHF"]}, {"type": "cve", "idList": ["CVE-2021-1400", "CVE-2021-1401"]}], "rev": 4}, "score": {"value": 7.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "cisco", "idList": ["CISCO-SA-SB-WAP-MULTI-ZAFKGXHF"]}, {"type": "cve", "idList": ["CVE-2021-1400", "CVE-2021-1401"]}]}, "exploitation": null, "vulnersScore": 7.1}, "_state": {"dependencies": 1646094296}}

{"cisco": [{"lastseen": "2021-09-02T22:30:26", "description": "Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device.\n\nFor more information about these vulnerabilities, see the Details [\"#details\"] section of this advisory.\n\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.\n\nThis advisory is available at the following link:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-ZAfKGXhF [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-ZAfKGXhF\"]", "cvss3": {}, "published": "2021-05-05T16:00:00", "type": "cisco", "title": "Cisco Small Business 100, 300, and 500 Series Wireless Access Points Vulnerabilities", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-1400", "CVE-2021-1401"], "modified": "2021-05-05T16:00:00", "id": "CISCO-SA-SB-WAP-MULTI-ZAFKGXHF", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-ZAfKGXhF", "cvss": {"score": 8.8, "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "cve": [{"lastseen": "2022-03-23T12:51:06", "description": "Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-06T13:15:00", "type": "cve", "title": "CVE-2021-1401", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1401"], "modified": "2021-05-17T12:53:00", "cpe": ["cpe:/o:cisco:wap131_firmware:1.0.2.17", "cpe:/o:cisco:wap351_firmware:1.0.2.17", "cpe:/o:cisco:wap581_firmware:1.0.3.1", "cpe:/o:cisco:wap150_firmware:1.1.2.4", "cpe:/o:cisco:wap125_firmware:1.0.3.1", "cpe:/o:cisco:wap361_firmware:1.1.2.4"], "id": "CVE-2021-1401", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1401", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:cisco:wap581_firmware:1.0.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap351_firmware:1.0.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap361_firmware:1.1.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap131_firmware:1.0.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap150_firmware:1.1.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap125_firmware:1.0.3.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:51:04", "description": "Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-06T13:15:00", "type": "cve", "title": "CVE-2021-1400", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1400"], "modified": "2021-05-17T12:39:00", "cpe": ["cpe:/o:cisco:wap131_firmware:1.0.2.17", "cpe:/o:cisco:wap351_firmware:1.0.2.17", "cpe:/o:cisco:wap581_firmware:1.0.3.1", "cpe:/o:cisco:wap150_firmware:1.1.2.4", "cpe:/o:cisco:wap125_firmware:1.0.3.1", "cpe:/o:cisco:wap361_firmware:1.1.2.4"], "id": "CVE-2021-1400", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1400", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:cisco:wap581_firmware:1.0.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap351_firmware:1.0.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap361_firmware:1.1.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap131_firmware:1.0.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap150_firmware:1.1.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:wap125_firmware:1.0.3.1:*:*:*:*:*:*:*"]}]}