CVE-2018-0249
https://notcve.org/view.php?id=CVE-2018-0249
A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. A successful exploit could prevent new clients from joining the AP. The vulnerability is due to incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this vulnerability by sending a malformed stream of 802.11 Association Requests to the local interface of the targeted device. A successful exploit could allow the attacker to cause a DoS situation on an affected system, causing new client 802.11 Association Requests to fail. • http://www.securitytracker.com/id/1040816 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-dos • CWE-20: Improper Input Validation •
CVE-2018-0250
https://notcve.org/view.php?id=CVE-2018-0250
A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). The vulnerability is due to the AP ignoring the ACL download from the client during authentication. An attacker could exploit this vulnerability by connecting to the targeted device with a vulnerable configuration. A successful exploit could allow the attacker to bypass a configured client FlexConnect ACL. This vulnerability affects the following Cisco products if they are running a vulnerable release of Central Web Authentication with FlexConnect Access Points Software: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. • http://www.securitytracker.com/id/1040818 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl • CWE-693: Protection Mechanism Failure •
CVE-2017-3831
https://notcve.org/view.php?id=CVE-2017-3831
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. • http://www.securityfocus.com/bid/96909 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800 • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVE-2016-9220
https://notcve.org/view.php?id=CVE-2016-9220
A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91). Una vulnerabilidad de denegación de servicio en el procesamiento del paquete de entrada 802.11 de los Access Points (APs) de Cisco Mobility Express 2800 y 3800 podrían permitir a un atacante adyacente no autenticado provocar que la tabla de conexiones esté repleta de conexiones no válidas y sea incapaz de procesar nuevas peticiones de entrada. • http://www.securityfocus.com/bid/95633 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1 • CWE-399: Resource Management Errors •
CVE-2016-9221
https://notcve.org/view.php?id=CVE-2016-9221
A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85). • http://www.securityfocus.com/bid/95631 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2 • CWE-399: Resource Management Errors •