CVE-2019-1829

Current Description

A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due to improper validation of user-supplied input for certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input for a CLI command. A successful exploit could allow the attacker to obtain access to the underlying Linux OS without proper authentication.

Basic Data

PublishedApril 18, 2019
Last ModifiedOctober 09, 2019
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-287
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score7.2
SeverityHIGH
Exploitability Score3.9
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

CVSS 3 - Version3.0
CVSS 3 - Vector StringCVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS 3 - Attack VectorLOCAL
CVSS 3 - Attack ComplexityLOW
CVSS 3 - Privileges RequiredHIGH
CVSS 3 - User InteractionNONE
CVSS 3 - ScopeUNCHANGED
CVSS 3 - Confidentiality ImpactHIGH
CVSS 3 - Integrity ImpactHIGH
CVSS 3 - Availability ImpactHIGH
CVSS 3 - Base Score6.7
CVSS 3 - Base SeverityMEDIUM
Exploitability Score0.8
Base SeverityMEDIUM

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoAironet Access Point Firmware********8.3.150.0
      2.3OSCiscoAironet Access Point Firmware********8.58.5.140.0
      2.3OSCiscoAironet Access Point Firmware********8.6.101.08.8.111.0
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoAironet 1542d-*******
      2.3HardwareCiscoAironet 1542i-*******
      2.3HardwareCiscoAironet 1562d-*******
      2.3HardwareCiscoAironet 1562e-*******
      2.3HardwareCiscoAironet 1562i-*******
      2.3HardwareCiscoAironet 1800i-*******
      2.3HardwareCiscoAironet 2800e-*******
      2.3HardwareCiscoAironet 2800i-*******
      2.3HardwareCiscoAironet 3800e-*******
      2.3HardwareCiscoAironet 3800i-*******
      2.3HardwareCiscoAironet 3800p-*******
  • AND
    • OR - Configuration 2
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoAironet Access Point Firmware8.5(131.0)*******
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoAironet 1850e-*******
      2.3HardwareCiscoAironet 1850i-*******

Vulnerable Software List

VendorProductVersions
Cisco Aironet Access Point Firmware *, 8.5(131.0)

References

NameSourceURLTags
107990http://www.securityfocus.com/bid/107990BIDThird Party Advisory VDB Entry
20190417 Cisco Aironet Series Access Points Command Injection Vulnerabilityhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-air-ap-cmdinCISCOVendor Advisory