Lucene search

[email protected]NVD:CVE-2019-15264

HistoryOct 16, 2019 - 7:15 p.m.

CVE-2019-15264

2019-10-1619:15:14

CWE-400

[email protected]

web.nvd.nist.gov

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to improper resource management during CAPWAP message processing. An attacker could exploit this vulnerability by sending a high volume of legitimate wireless management frames within a short time to an affected device. A successful exploit could allow the attacker to cause a device to restart unexpectedly, resulting in a DoS condition for clients associated with the AP.

Affected configurations

Nvd

Node

ciscoaironet_1540_firmwareMatch-

AND

ciscoaironet_1540Match-

Node

ciscoaironet_1560_firmwareMatch-

AND

ciscoaironet_1560Match-

Node

ciscoaironet_1850_firmwareMatch-

ciscoaironet_1850_firmwareMatch8.9\(1.249\)

ciscoaironet_1850_firmwareMatch8.9\(1.255\)

ciscoaironet_1850_firmwareMatch8.9\(4.28\)

ciscoaironet_1850_firmwareMatch8.9\(4.41\)

ciscoaironet_1850_firmwareMatch8.9\(4.49\)

ciscoaironet_1850_firmwareMatch8.9\(4.55\)

ciscoaironet_1850_firmwareMatch8.9\(4.58\)

ciscoaironet_1850_firmwareMatch8.9\(104.24\)

ciscoaironet_1850_firmwareMatch8.10\(1.139\)

ciscoaironet_1850_firmwareMatch8.10\(1.146\)

AND

ciscoaironet_1800Match-

Node

ciscoaironet_2800_firmwareMatch-

AND

ciscoaironet_2800Match-

Node

ciscoaironet_3800_firmwareMatch-

AND

ciscoaironet_3800Match-

Node

ciscoaironet_4800_firmwareMatch-

AND

ciscoaironet_4800Match-

Node

ciscocatalyst_9100_firmwareMatch-

AND

ciscocatalyst_9100Match-

VendorProductVersionCPE
ciscoaironet_1540_firmware-cpe:2.3:o:cisco:aironet_1540_firmware:-:*:*:*:*:*:*:*
ciscoaironet_1540-cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*
ciscoaironet_1560_firmware-cpe:2.3:o:cisco:aironet_1560_firmware:-:*:*:*:*:*:*:*
ciscoaironet_1560-cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*
ciscoaironet_1850_firmware-cpe:2.3:o:cisco:aironet_1850_firmware:-:*:*:*:*:*:*:*
ciscoaironet_1850_firmware8.9(1.249)cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(1.249\):*:*:*:*:*:*:*
ciscoaironet_1850_firmware8.9(1.255)cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(1.255\):*:*:*:*:*:*:*
ciscoaironet_1850_firmware8.9(4.28)cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.28\):*:*:*:*:*:*:*
ciscoaironet_1850_firmware8.9(4.41)cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.41\):*:*:*:*:*:*:*
ciscoaironet_1850_firmware8.9(4.49)cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.49\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	aironet_1540_firmware	-	cpe:2.3:o:cisco:aironet_1540_firmware:-:::::::*
cisco	aironet_1540	-	cpe:2.3:h:cisco:aironet_1540:-:::::::*
cisco	aironet_1560_firmware	-	cpe:2.3:o:cisco:aironet_1560_firmware:-:::::::*
cisco	aironet_1560	-	cpe:2.3:h:cisco:aironet_1560:-:::::::*
cisco	aironet_1850_firmware	-	cpe:2.3:o:cisco:aironet_1850_firmware:-:::::::*
cisco	aironet_1850_firmware	8.9(1.249)	cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(1.249\):::::::*
cisco	aironet_1850_firmware	8.9(1.255)	cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(1.255\):::::::*
cisco	aironet_1850_firmware	8.9(4.28)	cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.28\):::::::*
cisco	aironet_1850_firmware	8.9(4.41)	cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.41\):::::::*
cisco	aironet_1850_firmware	8.9(4.49)	cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.49\):::::::*

Rows per page:

1-10 of 241

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-capwap-dos

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

25.0%

JSON

Related for NVD:CVE-2019-15264

prion1 cvelist1 symantec1 cisco1 cve1 threatpost1