CVE-2019-1920
Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling condition for client authentication requests sent to a targeted interface configured for FT. An attacker could exploit this vulnerability by sending crafted authentication request traffic to the targeted interface, causing the device to restart unexpectedly.
Una vulnerabilidad en la implementación de 802.11r Fast Transition (FT) para el Software IOS Access Points (APs) de Cisco, podría permitir a un atacante adyacente no autenticado causar una condición de denegación de servicio (DoS) en una interfaz afectada. La vulnerabilidad es debido a la falta de una condición de manejo de errores completo para las peticiones de autenticación de clientes enviadas hacia una interfaz específica configurada para FT. Un atacante podría explotar esta vulnerabilidad mediante un envío de tráfico de petición de autenticación hacia la interfaz de destino, haciendo que el dispositivo se reinicie inesperadamente.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2018-12-06 CVE Reserved
- 2019-07-17 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-21 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/109312 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Aironet 3700e Firmware Search vendor "Cisco" for product "Aironet 3700e Firmware" | 15.3\(3\)jc14 Search vendor "Cisco" for product "Aironet 3700e Firmware" and version "15.3\(3\)jc14" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3700e Search vendor "Cisco" for product "Aironet 3700e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet 3700e Firmware Search vendor "Cisco" for product "Aironet 3700e Firmware" | 15.3\(3\)jd6 Search vendor "Cisco" for product "Aironet 3700e Firmware" and version "15.3\(3\)jd6" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3700e Search vendor "Cisco" for product "Aironet 3700e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet 3700i Firmware Search vendor "Cisco" for product "Aironet 3700i Firmware" | 15.3\(3\)jc14 Search vendor "Cisco" for product "Aironet 3700i Firmware" and version "15.3\(3\)jc14" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3700i Search vendor "Cisco" for product "Aironet 3700i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet 3700i Firmware Search vendor "Cisco" for product "Aironet 3700i Firmware" | 15.3\(3\)jd6 Search vendor "Cisco" for product "Aironet 3700i Firmware" and version "15.3\(3\)jd6" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3700i Search vendor "Cisco" for product "Aironet 3700i" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet 3700p Firmware Search vendor "Cisco" for product "Aironet 3700p Firmware" | 15.3\(3\)jc14 Search vendor "Cisco" for product "Aironet 3700p Firmware" and version "15.3\(3\)jc14" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3700p Search vendor "Cisco" for product "Aironet 3700p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Aironet 3700p Firmware Search vendor "Cisco" for product "Aironet 3700p Firmware" | 15.3\(3\)jd6 Search vendor "Cisco" for product "Aironet 3700p Firmware" and version "15.3\(3\)jd6" | - |
Affected
| in | Cisco Search vendor "Cisco" | Aironet 3700p Search vendor "Cisco" for product "Aironet 3700p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Access Points Search vendor "Cisco" for product "Access Points" | < 8.2.170.0 Search vendor "Cisco" for product "Access Points" and version " < 8.2.170.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Access Points Search vendor "Cisco" for product "Access Points" | >= 8.3 < 8.3.150.0 Search vendor "Cisco" for product "Access Points" and version " >= 8.3 < 8.3.150.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Access Points Search vendor "Cisco" for product "Access Points" | >= 8.4 < 8.5.131.0 Search vendor "Cisco" for product "Access Points" and version " >= 8.4 < 8.5.131.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Access Points Search vendor "Cisco" for product "Access Points" | >= 8.6 < 8.8.100.0 Search vendor "Cisco" for product "Access Points" and version " >= 8.6 < 8.8.100.0" | - |
Affected
| ||||||