{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T02:37:17.099","vulnerabilities":[{"cve":{"id":"CVE-2019-1834","sourceIdentifier":"psirt@cisco.com","published":"2019-04-18T02:29:05.843","lastModified":"2024-11-21T04:37:29.763","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is connected has port security configured. The vulnerability exists because the AP forwards some malformed wireless client packets outside of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel. An attacker could exploit this vulnerability by sending crafted wireless packets to an affected AP. A successful exploit could allow the attacker to trigger a security violation on the adjacent switch port, which could result in a DoS condition. Note: Though the Common Vulnerability Scoring System (CVSS) score corresponds to a High Security Impact Rating (SIR), this vulnerability is considered Medium because a workaround is available and exploitation requires a specific switch configuration. There are workarounds that address this vulnerability."},{"lang":"es","value":"Una vulnerabilidad en el procesamiento interno de paquetes de Aironet Series Access Points (APs) de Cisco, podría permitir que un atacante no identificado localmente genere una condición de denegación de servicio (DoS) en un dispositivo AP afectado si la interfaz del conmutador donde está conectado el dispositivo AP tiene una seguridad de puerto configurada. La vulnerabilidad existe porque el AP corre en algunos paquetes del cliente de red inalámbrica malformados fuera del control y del aprovisionamiento del túnel de los puntos de acceso inalámbricos (CAPWAP). Un atacante podría aprovechar esta vulnerabilidad enviando paquetes inalámbricos creados a un dispositivo AP afectado. Una operación con éxito podría permitir al atacante desencadenar una violación de seguridad en el puerto del switch adyacente, lo que podría resultar en una condición de DoS. Nota: aunque la puntuación del sistema común de puntuación de vulnerabilidad (CVSS) corresponde a una clasificación de impacto de alta seguridad (SIR), esta vulnerabilidad se considera Media porque hay una solución disponible y la explotación requiere una configuración de conmutador específica. Hay soluciones que abordan esta vulnerabilidad."}],"metrics":{"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:N/I:N/A:P","baseScore":3.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":6.5,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:aironet_access_point_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5","versionEndExcluding":"8.5.140.0","matchCriteriaId":"157DEA4D-54A7-4F7C-BC6E-13FE00085969"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:aironet_access_point_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"8.6.101.0","versionEndExcluding":"8.8.111.0","matchCriteriaId":"916CC4E1-D614-4581-8AF7-CF90065E9987"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:aironet_access_point_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"8.8.120.0","versionEndExcluding":"8.9.100.0","matchCriteriaId":"3B2526AD-442E-4AD4-8596-60FB062CAE48"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*","matchCriteriaId":"C5DB7510-2741-464A-8FC9-8419985E330F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*","matchCriteriaId":"3AE916B2-CAAD-4508-A47E-A7D4D88B077A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*","matchCriteriaId":"1D717945-EE41-4D0F-86EF-90826EBE9C3E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*","matchCriteriaId":"99EAEA92-6589-4DFB-BC4B-8CBA425452D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*","matchCriteriaId":"D27AB201-342D-4517-9E05-6088598F4695"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*","matchCriteriaId":"BC836B4D-A489-4300-B0A2-EF0B6E01E623"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*","matchCriteriaId":"098A82FF-95F7-416A-BADD-C57CE81ACD32"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*","matchCriteriaId":"DD1D5813-9223-4B3F-9DE2-F3EF854FC927"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*","matchCriteriaId":"10D7583E-2B61-40F1-B9A6-701DA08F8CDF"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*","matchCriteriaId":"945DDBE7-6233-416B-9BEE-7029F047E298"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*","matchCriteriaId":"0ED89428-750C-4C26-B2A1-E3D63F8B3F44"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:aironet_access_point_firmware:8.5\\(131.0\\):*:*:*:*:*:*:*","matchCriteriaId":"FDAB7C18-98CB-4269-AED2-79FCEA30A679"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*","matchCriteriaId":"24E47788-9B54-42C5-AD83-428B22674575"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*","matchCriteriaId":"A333CD0B-4729-4E64-8B52-A3F5138F5B70"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/108000","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-air-ap-dos","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/108000","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-air-ap-dos","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}