CVSS: 4.1EPSS: 0%CPEs: 3EXPL: 0CVE-2018-0250
https://notcve.org/view.php?id=CVE-2018-0250
A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). The vulnerability is due to the AP ignoring the ACL download from the client during authentication. An attacker could exploit this vulnerability by connecting to the targeted device with a vulnerable configuration. A successful exploit could allow the attacker to bypass a configured client FlexConnect ACL. This vulnerability affects the following Cisco products if they are running a vulnerable release of Central Web Authentication with FlexConnect Access Points Software: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. • http://www.securitytracker.com/id/1040818 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl • CWE-693: Protection Mechanism Failure •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-6361
https://notcve.org/view.php?id=CVE-2016-6361
The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288. La implementación de Aggregated MAC Protocol Data Unit (AMPDU) en dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores 8.3.102.0 permite a atacantes remotos causar una denegación de servicios (reinicio de dispositivo) a través de una cabecera AMPDU manipulado, también conocido como Bug ID CSCuz56288. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap http://www.securityfocus.com/bid/92508 http://www.securitytracker.com/id/1036648 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-6362
https://notcve.org/view.php?id=CVE-2016-6362
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725. Dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.110.0, 8.2.12x en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores a 8.3.102.0 permiten a usuarios locales obtener privilegios a través de parámetros CLI manipulados, también conocido como Bug ID CSCuz24725. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1 http://www.securityfocus.com/bid/92513 http://www.securitytracker.com/id/1036644 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-6363
https://notcve.org/view.php?id=CVE-2016-6363
The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192. La función de la velocidad límite en el protocolo de implementación 802.11 en dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores a 8.3.102.0 permite a atacantes remotos causar una denegación de servicio (reinicio del dispositivo) a través de marcos 802.11 manipulados, también conocido como Bug ID CSCva06192. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap2 http://www.securityfocus.com/bid/92511 http://www.securitytracker.com/id/1036645 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-1418
https://notcve.org/view.php?id=CVE-2016-1418
Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037. Cisco Aironet Access Point Software 8.2(100.0) en puntos de acceso 1830e, 1830i, 1850e, 1850i, 2800 y 3800 permite a usuarios locales obtener acceso root en Linux a través de parámetros de comando CLI manipulados, también conocido como Bug ID CSCuy64037. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap http://www.securitytracker.com/id/1036042 • CWE-20: Improper Input Validation •