// For flags

CVE-2017-3831

 

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.

Una vulnerabilidad en la interfaz gráfica de usuario basada en web de los puntos de acceso Cisco Mobility Express serie 1800 podría permitir a un atacante remoto no autenticado eludir la autenticación. El atacante podría tener privilegios completos de administrador. La vulnerabilidad se debe a la implementación incorrecta de la autenticación para acceder a determinadas páginas web a través de la interfaz GUI. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz web del sistema afectado. Una explotación exitosa podría permitir al atacante eludir la autenticación y realizar cambios de configuración no autorizados o mandar comandos de control al dispositivo afectado. Esta vulnerabilidad afecta a los puntos de acceso Cisco Mobility Express Serie 1800 que ejecutan una versión de software anterior a 8.2.110.0. ID de errores de Cisco: CSCuy68219.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-12-21 CVE Reserved
  • 2017-03-15 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
  • CWE-287: Improper Authentication
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(15.14\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1810
Search vendor "Cisco" for product "Aironet 1810"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(15.14\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1810w
Search vendor "Cisco" for product "Aironet 1810w"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(15.14\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1815i
Search vendor "Cisco" for product "Aironet 1815i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(15.14\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1830e
Search vendor "Cisco" for product "Aironet 1830e"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(15.14\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1830i
Search vendor "Cisco" for product "Aironet 1830i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(15.14\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1850e
Search vendor "Cisco" for product "Aironet 1850e"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(15.14\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(15.14\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1850i
Search vendor "Cisco" for product "Aironet 1850i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.3\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1810
Search vendor "Cisco" for product "Aironet 1810"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.3\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1810w
Search vendor "Cisco" for product "Aironet 1810w"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.3\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1815i
Search vendor "Cisco" for product "Aironet 1815i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.3\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1830e
Search vendor "Cisco" for product "Aironet 1830e"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.3\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1830i
Search vendor "Cisco" for product "Aironet 1830i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.3\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1850e
Search vendor "Cisco" for product "Aironet 1850e"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.3\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.3\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1850i
Search vendor "Cisco" for product "Aironet 1850i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.4\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1810
Search vendor "Cisco" for product "Aironet 1810"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.4\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1810w
Search vendor "Cisco" for product "Aironet 1810w"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.4\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1815i
Search vendor "Cisco" for product "Aironet 1815i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.4\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1830e
Search vendor "Cisco" for product "Aironet 1830e"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.4\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1830i
Search vendor "Cisco" for product "Aironet 1830i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.4\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1850e
Search vendor "Cisco" for product "Aironet 1850e"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(112.4\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(112.4\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1850i
Search vendor "Cisco" for product "Aironet 1850i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(131.0\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1810
Search vendor "Cisco" for product "Aironet 1810"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(131.0\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1810w
Search vendor "Cisco" for product "Aironet 1810w"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(131.0\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1815i
Search vendor "Cisco" for product "Aironet 1815i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(131.0\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1830e
Search vendor "Cisco" for product "Aironet 1830e"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(131.0\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1830i
Search vendor "Cisco" for product "Aironet 1830i"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(131.0\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1850e
Search vendor "Cisco" for product "Aironet 1850e"
--
Safe
Cisco
Search vendor "Cisco"
Aironet Access Point Software
Search vendor "Cisco" for product "Aironet Access Point Software"
8.1\(131.0\)
Search vendor "Cisco" for product "Aironet Access Point Software" and version "8.1\(131.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Aironet 1850i
Search vendor "Cisco" for product "Aironet 1850i"
--
Safe