CVE-2017-3831
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.
Una vulnerabilidad en la interfaz gráfica de usuario basada en web de los puntos de acceso Cisco Mobility Express serie 1800 podría permitir a un atacante remoto no autenticado eludir la autenticación. El atacante podría tener privilegios completos de administrador. La vulnerabilidad se debe a la implementación incorrecta de la autenticación para acceder a determinadas páginas web a través de la interfaz GUI. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz web del sistema afectado. Una explotación exitosa podría permitir al atacante eludir la autenticación y realizar cambios de configuración no autorizados o mandar comandos de control al dispositivo afectado. Esta vulnerabilidad afecta a los puntos de acceso Cisco Mobility Express Serie 1800 que ejecutan una versión de software anterior a 8.2.110.0. ID de errores de Cisco: CSCuy68219.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-12-21 CVE Reserved
- 2017-03-15 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-287: Improper Authentication
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/96909 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800 | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(15.14\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1810 Search vendor "Cisco" for product "Aironet 1810" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(15.14\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1810w Search vendor "Cisco" for product "Aironet 1810w" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(15.14\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1815i Search vendor "Cisco" for product "Aironet 1815i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(15.14\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1830e Search vendor "Cisco" for product "Aironet 1830e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(15.14\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1830i Search vendor "Cisco" for product "Aironet 1830i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(15.14\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850e Search vendor "Cisco" for product "Aironet 1850e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(15.14\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850i Search vendor "Cisco" for product "Aironet 1850i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.3\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1810 Search vendor "Cisco" for product "Aironet 1810" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.3\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1810w Search vendor "Cisco" for product "Aironet 1810w" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.3\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1815i Search vendor "Cisco" for product "Aironet 1815i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.3\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1830e Search vendor "Cisco" for product "Aironet 1830e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.3\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1830i Search vendor "Cisco" for product "Aironet 1830i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.3\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850e Search vendor "Cisco" for product "Aironet 1850e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.3\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850i Search vendor "Cisco" for product "Aironet 1850i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.4\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1810 Search vendor "Cisco" for product "Aironet 1810" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.4\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1810w Search vendor "Cisco" for product "Aironet 1810w" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.4\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1815i Search vendor "Cisco" for product "Aironet 1815i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.4\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1830e Search vendor "Cisco" for product "Aironet 1830e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.4\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1830i Search vendor "Cisco" for product "Aironet 1830i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.4\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850e Search vendor "Cisco" for product "Aironet 1850e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(112.4\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850i Search vendor "Cisco" for product "Aironet 1850i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1810 Search vendor "Cisco" for product "Aironet 1810" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1810w Search vendor "Cisco" for product "Aironet 1810w" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1815i Search vendor "Cisco" for product "Aironet 1815i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1830e Search vendor "Cisco" for product "Aironet 1830e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1830i Search vendor "Cisco" for product "Aironet 1830i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850e Search vendor "Cisco" for product "Aironet 1850e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software" | 8.1\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850i Search vendor "Cisco" for product "Aironet 1850i" | - | - |
Safe
|