CVE-2019-1835

Current Description

A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanitization of user-supplied input in specific CLI commands. An attacker could exploit this vulnerability by accessing the CLI of an affected AP with administrator privileges and issuing crafted commands that result in directory traversal. A successful exploit could allow the attacker to view system files on the affected device, which could contain sensitive information. Software versions 8.8 and 8.9 are affected.

Basic Data

PublishedApril 18, 2019
Last ModifiedOctober 09, 2019
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-22
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score2.1
SeverityLOW
Exploitability Score3.9
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

CVSS 3 - Version3.0
CVSS 3 - Vector StringCVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVSS 3 - Attack VectorLOCAL
CVSS 3 - Attack ComplexityLOW
CVSS 3 - Privileges RequiredHIGH
CVSS 3 - User InteractionNONE
CVSS 3 - ScopeUNCHANGED
CVSS 3 - Confidentiality ImpactHIGH
CVSS 3 - Integrity ImpactNONE
CVSS 3 - Availability ImpactNONE
CVSS 3 - Base Score4.4
CVSS 3 - Base SeverityMEDIUM
Exploitability Score0.8
Base SeverityMEDIUM

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoAironet Access Point Firmware8.8*******
      2.3OSCiscoAironet Access Point Firmware8.9*******
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoAironet 1542d-*******
      2.3HardwareCiscoAironet 1542i-*******
      2.3HardwareCiscoAironet 1562d-*******
      2.3HardwareCiscoAironet 1562e-*******
      2.3HardwareCiscoAironet 1562i-*******
      2.3HardwareCiscoAironet 1800i-*******
      2.3HardwareCiscoAironet 1850e-*******
      2.3HardwareCiscoAironet 1850i-*******
      2.3HardwareCiscoAironet 2800e-*******
      2.3HardwareCiscoAironet 2800i-*******
      2.3HardwareCiscoAironet 3800e-*******
      2.3HardwareCiscoAironet 3800i-*******
      2.3HardwareCiscoAironet 3800p-*******

Vulnerable Software List

VendorProductVersions
Cisco Aironet Access Point Firmware 8.8, 8.9

References

NameSourceURLTags
108001http://www.securityfocus.com/bid/108001BIDThird Party Advisory VDB Entry
20190417 Cisco Aironet Series Access Points Directory Traversal Vulnerabilityhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-air-ap-traveCISCOVendor Advisory