A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is connected has port security configured. The vulnerability exists because the AP forwards some malformed wireless client packets outside of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel. An attacker could exploit this vulnerability by sending crafted wireless packets to an affected AP. A successful exploit could allow the attacker to trigger a security violation on the adjacent switch port, which could result in a DoS condition. Note: Though the Common Vulnerability Scoring System (CVSS) score corresponds to a High Security Impact Rating (SIR), this vulnerability is considered Medium because a workaround is available and exploitation requires a specific switch configuration. There are workarounds that address this vulnerability.
Metrics
Affected Vendors & Products
References
History
Thu, 21 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-04-18T01:20:20.377213Z
Updated: 2024-11-21T19:36:47.303Z
Reserved: 2018-12-06T00:00:00
Link: CVE-2019-1834
Vulnrichment
Updated: 2024-08-04T18:28:42.946Z
NVD
Status : Modified
Published: 2019-04-18T02:29:05.843
Modified: 2024-11-21T04:37:29.763
Link: CVE-2019-1834
Redhat
No data.