ID

VAR-201703-0907


CVE

CVE-2017-3854


TITLE

Cisco Wireless LAN Controller Software mesh code authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-002741

DESCRIPTION

A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system. This vulnerability affects the following products running a vulnerable version of Wireless LAN Controller software and configured for meshed mode: Cisco 8500 Series Wireless Controller, Cisco 5500 Series Wireless Controller, Cisco 2500 Series Wireless Controller, Cisco Flex 7500 Series Wireless Controller, Cisco Virtual Wireless Controller, Wireless Services Module 2 (WiSM2). Note that additional configuration is needed in addition to upgrading to a fixed release. Cisco Bug IDs: CSCuc98992 CSCuu14804. Vendors have confirmed this vulnerability Bug ID CSCuc98992 and CSCuu14804 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. There is a remote security bypass vulnerability in Cisco WirelessLANController. An attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized actions, resulting in further attacks. This may aid in further attacks. This product provides functions such as security policy and intrusion detection in wireless LAN

Trust: 2.52

sources: NVD: CVE-2017-3854 // JVNDB: JVNDB-2017-002741 // CNVD: CNVD-2017-04111 // BID: 96911 // VULHUB: VHN-112057

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-04111

AFFECTED PRODUCTS

vendor:ciscomodel:wireless lan controllerscope:eqversion:8.0.72.140

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:6.0199.4

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.41.54

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.0250.0

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.0220.0

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:16.088.0

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:wireless services modulescope:eqversion:2

Trust: 0.6

vendor:ciscomodel:virtual wireless controllerscope: - version: -

Trust: 0.6

vendor:ciscomodel:flex series wireless controllerscope:eqversion:7500

Trust: 0.6

vendor:ciscomodel:series wireless controllerscope:eqversion:8500

Trust: 0.6

vendor:ciscomodel:series wireless controllerscope:eqversion:2500

Trust: 0.6

vendor:ciscomodel:series wireless controllerscope:eqversion:5500

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:4.0.217.0

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.0252.0

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.41.19

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.3.112

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:3.2.78.0

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:3.2.171.5

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:5.1.160.0

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.0250.0

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.4.1.1

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:4.2.99.0

Trust: 0.6

vendor:ciscomodel:wireless services modulescope:eqversion:20

Trust: 0.3

vendor:ciscomodel:virtual wireless controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:flex series wireless controllerscope:eqversion:75000

Trust: 0.3

vendor:ciscomodel:series wireless controllerscope:eqversion:85000

Trust: 0.3

vendor:ciscomodel:series wireless controllerscope:eqversion:55000

Trust: 0.3

vendor:ciscomodel:series wireless controllerscope:eqversion:25000

Trust: 0.3

sources: CNVD: CNVD-2017-04111 // BID: 96911 // JVNDB: JVNDB-2017-002741 // CNNVD: CNNVD-201703-635 // NVD: CVE-2017-3854

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-3854
value: HIGH

Trust: 1.0

NVD: CVE-2017-3854
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-04111
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201703-635
value: HIGH

Trust: 0.6

VULHUB: VHN-112057
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-3854
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-04111
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-112057
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-3854
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-3854
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2017-04111 // VULHUB: VHN-112057 // JVNDB: JVNDB-2017-002741 // CNNVD: CNNVD-201703-635 // NVD: CVE-2017-3854

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-112057 // JVNDB: JVNDB-2017-002741 // NVD: CVE-2017-3854

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201703-635

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201703-635

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002741

PATCH

title:cisco-sa-20170315-wlc-meshurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh

Trust: 0.8

title:CiscoWirelessLANController Remote Security Bypass Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/91574

Trust: 0.6

title:Multiple Cisco product Wireless LAN Controller Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68496

Trust: 0.6

sources: CNVD: CNVD-2017-04111 // JVNDB: JVNDB-2017-002741 // CNNVD: CNNVD-201703-635

EXTERNAL IDS

db:NVDid:CVE-2017-3854

Trust: 3.4

db:BIDid:96911

Trust: 2.6

db:SECTRACKid:1038041

Trust: 1.7

db:JVNDBid:JVNDB-2017-002741

Trust: 0.8

db:CNNVDid:CNNVD-201703-635

Trust: 0.7

db:CNVDid:CNVD-2017-04111

Trust: 0.6

db:VULHUBid:VHN-112057

Trust: 0.1

sources: CNVD: CNVD-2017-04111 // VULHUB: VHN-112057 // BID: 96911 // JVNDB: JVNDB-2017-002741 // CNNVD: CNNVD-201703-635 // NVD: CVE-2017-3854

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170315-wlc-mesh

Trust: 2.3

url:http://www.securityfocus.com/bid/96911

Trust: 2.3

url:http://www.securitytracker.com/id/1038041

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3854

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-3854

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

url:http://www.cisco.com/en/us/products/ps6302/products_sub_category_home.html

Trust: 0.3

sources: CNVD: CNVD-2017-04111 // VULHUB: VHN-112057 // BID: 96911 // JVNDB: JVNDB-2017-002741 // CNNVD: CNNVD-201703-635 // NVD: CVE-2017-3854

CREDITS

Cisco

Trust: 0.3

sources: BID: 96911

SOURCES

db:CNVDid:CNVD-2017-04111
db:VULHUBid:VHN-112057
db:BIDid:96911
db:JVNDBid:JVNDB-2017-002741
db:CNNVDid:CNNVD-201703-635
db:NVDid:CVE-2017-3854

LAST UPDATE DATE

2024-11-23T23:12:32.574000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-04111date:2017-04-09T00:00:00
db:VULHUBid:VHN-112057date:2017-07-12T00:00:00
db:BIDid:96911date:2017-03-16T00:03:00
db:JVNDBid:JVNDB-2017-002741date:2017-04-26T00:00:00
db:CNNVDid:CNNVD-201703-635date:2021-04-19T00:00:00
db:NVDid:CVE-2017-3854date:2024-11-21T03:26:14.933

SOURCES RELEASE DATE

db:CNVDid:CNVD-2017-04111date:2017-04-09T00:00:00
db:VULHUBid:VHN-112057date:2017-03-15T00:00:00
db:BIDid:96911date:2017-03-15T00:00:00
db:JVNDBid:JVNDB-2017-002741date:2017-04-26T00:00:00
db:CNNVDid:CNNVD-201703-635date:2017-03-28T00:00:00
db:NVDid:CVE-2017-3854date:2017-03-15T20:59:00.257