JVN#71263107: Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points

2021-05-14T00:00:00
ID JVN:71263107
Type jvn
Reporter Japan Vulnerability Notes
Modified 2021-05-14T00:00:00

Description

Cisco Small Business Series Wireless Access Points provided by Cisco Systems, Inc. contain multiple vulnerabilities listed below.

Improper access control (CWE-284) - CVE-2021-1400

Version| Vector| Score
---|---|---
CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8
CVSS v2| AV:N/AC:L/Au:S/C:C/I:C/A:C| Base Score: 9.0

Command injection (CWE-78) - CVE-2021-1401

Version| Vector| Score
---|---|---
CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N| Base Score: 5.5
CVSS v2| AV:N/AC:M/Au:S/C:C/I:P/A:N| Base Score: 7.0

## Impact

The impacts may vary depending on the vulnerabilities, however, the followings are the possible impacts if an attacker who can access the affected device sends a specially crafted HTTP request to the administrative web interface of the device;

  • Impersonate a user including an administrator - CVE-2021-1400
  • An arbitrary command may be executed with the administrative privilege of the device - CVE-2021-1401

## Solution

Update the firmware
Apply the appropriate firmware update according to the information provided by the developer.

## Products Affected

  • WAP125 Wireless-AC Dual Band Desktop Access Point with PoE 1.0.3.1 and earlier
  • WAP131 Wireless-N Dual Radio Access Point with PoE 1.0.2.17 and earlier
  • WAP150 Wireless-AC/N Dual Radio Access Point with PoE 1.1.2.4 and earlier
  • WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch 1.0.2.17 and earlier
  • WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE 1.1.2.4 and earlier
  • WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN 1.0.3.1 and earlier The developer states that WAP131 Wireless-N Dual Radio Access Point with PoE and WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch are no longer supported (End-of-Life, EOL). For details, refer to the information provided by the developer.