CVE-2019-1829
Cisco Aironet Series Access Points Command Injection Vulnerability
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due to improper validation of user-supplied input for certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input for a CLI command. A successful exploit could allow the attacker to obtain access to the underlying Linux OS without proper authentication.
Una vulnerabilidad en la CLI de Aironet Series Access Points (APs) de Cisco Aironet de Cisco podría permitir a un atacante local autorizado obtener acceso al sistema operativo Linux (OS) subyacente sin la autenticación adecuada. El atacante necesitaría credenciales de dispositivo de administrador válidas. La vulnerabilidad es debido a la composición incorrecta de la entrada proporcionada por el usuario para ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al autenticarse en un dispositivo afectado y enviar una entrada creada para un comando de la CLI. Una explotación con éxito podría permitir al atacante obtener acceso al sistema operativo Linux subyacente sin la autenticación adecuada.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-04-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-20 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-16: Configuration
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/107990 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1542d Search vendor "Cisco" for product "Aironet 1542d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1542i Search vendor "Cisco" for product "Aironet 1542i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562d Search vendor "Cisco" for product "Aironet 1562d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562e Search vendor "Cisco" for product "Aironet 1562e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562i Search vendor "Cisco" for product "Aironet 1562i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1800i Search vendor "Cisco" for product "Aironet 1800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 2800e Search vendor "Cisco" for product "Aironet 2800e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 2800i Search vendor "Cisco" for product "Aironet 2800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800e Search vendor "Cisco" for product "Aironet 3800e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800i Search vendor "Cisco" for product "Aironet 3800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | < 8.3.150.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " < 8.3.150.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800p Search vendor "Cisco" for product "Aironet 3800p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1542d Search vendor "Cisco" for product "Aironet 1542d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1542i Search vendor "Cisco" for product "Aironet 1542i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562d Search vendor "Cisco" for product "Aironet 1562d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562e Search vendor "Cisco" for product "Aironet 1562e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562i Search vendor "Cisco" for product "Aironet 1562i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1800i Search vendor "Cisco" for product "Aironet 1800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 2800e Search vendor "Cisco" for product "Aironet 2800e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 2800i Search vendor "Cisco" for product "Aironet 2800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800e Search vendor "Cisco" for product "Aironet 3800e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800i Search vendor "Cisco" for product "Aironet 3800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.5 < 8.5.140.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.5 < 8.5.140.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800p Search vendor "Cisco" for product "Aironet 3800p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1542d Search vendor "Cisco" for product "Aironet 1542d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1542i Search vendor "Cisco" for product "Aironet 1542i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562d Search vendor "Cisco" for product "Aironet 1562d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562e Search vendor "Cisco" for product "Aironet 1562e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1562i Search vendor "Cisco" for product "Aironet 1562i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1800i Search vendor "Cisco" for product "Aironet 1800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 2800e Search vendor "Cisco" for product "Aironet 2800e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 2800i Search vendor "Cisco" for product "Aironet 2800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800e Search vendor "Cisco" for product "Aironet 3800e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800i Search vendor "Cisco" for product "Aironet 3800i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | >= 8.6.101.0 < 8.8.111.0 Search vendor "Cisco" for product "Aironet Access Point Firmware" and version " >= 8.6.101.0 < 8.8.111.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3800p Search vendor "Cisco" for product "Aironet 3800p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | 8.5\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Firmware" and version "8.5\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850e Search vendor "Cisco" for product "Aironet 1850e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet Access Point Firmware Search vendor "Cisco" for product "Aironet Access Point Firmware" | 8.5\(131.0\) Search vendor "Cisco" for product "Aironet Access Point Firmware" and version "8.5\(131.0\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 1850i Search vendor "Cisco" for product "Aironet 1850i" | - | - |
Safe
|