Details of VAR-201904-0426

ID

VAR-201904-0426

CVE

CVE-2019-1800

TITLE

Cisco Wireless LAN Controller Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003522

DESCRIPTION

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly validates input on fields within IAPP messages. An attacker could exploit the vulnerability by sending malicious IAPP messages to an affected device. A successful exploit could allow the attacker to cause the Cisco WLC Software to reload, resulting in a DoS condition. Software versions prior to 8.2.170.0, 8.5.150.0, and 8.8.100.0 are affected. Cisco Wireless LAN Controller is prone to multiple denial-of-service vulnerabilities. These issues are being tracked by Cisco Bug IDs CSCvh91032, CSCvh96364, and CSCvi89027. There is a resource management error vulnerability in the processing of IAPP messages in Cisco WLC Software, which originates from the improper management of system resources (such as memory, disk space, files, etc.) by network systems or products

Trust: 1.98

sources: NVD: CVE-2019-1800 // JVNDB: JVNDB-2019-003522 // BID: 108008 // VULHUB: VHN-150302

AFFECTED PRODUCTS

vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.5.150.0	Trust: 1.8
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.8.100.0	Trust: 1.8
vendor:	cisco	model:	wireless lan controller	scope:	lt	version:	8.2.170.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	gte	version:	8.3	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	gte	version:	8.6	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.2.170.0	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.5.110	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.3.143	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.3.140	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.8	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.7.106.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.7.102.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.7	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.5.105.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.4	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.3.111.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.3.102.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.3	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.2.141.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.2.130.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.2	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.1	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.0.140.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.100	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.140	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.2.164.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.2.121.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.1.131.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.1.104.37	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.140.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.132.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.120.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.100.0	Trust: 0.3
vendor:	cisco	model:	series wireless controller	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.8.120.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.8.100.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.5.140.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.5.131.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.3.150.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.2.170.0	Trust: 0.3

sources: BID: 108008 // JVNDB: JVNDB-2019-003522 // NVD: CVE-2019-1800

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1800
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1800
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1800
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201904-867
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-150302
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1800
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-150302
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1800
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1800
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.0
Trust: 1.0
NVD:	CVE-2019-1800
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-150302 // JVNDB: JVNDB-2019-003522 // CNNVD: CNNVD-201904-867 // NVD: CVE-2019-1800 // NVD: CVE-2019-1800

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	CWE-20	Trust: 1.1

sources: VULHUB: VHN-150302 // JVNDB: JVNDB-2019-003522 // NVD: CVE-2019-1800

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201904-867

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201904-867

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003522

PATCH

title:	cisco-sa-20190417-wlc-iapp	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-iapp	Trust: 0.8
title:	Cisco Wireless LAN Controller Software Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91701	Trust: 0.6

sources: JVNDB: JVNDB-2019-003522 // CNNVD: CNNVD-201904-867

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1800	Trust: 2.8
db:	BID	id:	108008	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-003522	Trust: 0.8
db:	CNNVD	id:	CNNVD-201904-867	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1333	Trust: 0.6
db:	VULHUB	id:	VHN-150302	Trust: 0.1

sources: VULHUB: VHN-150302 // BID: 108008 // JVNDB: JVNDB-2019-003522 // CNNVD: CNNVD-201904-867 // NVD: CVE-2019-1800

REFERENCES

url:	http://www.securityfocus.com/bid/108008	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190417-wlc-iapp	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1800	Trust: 1.4
url:	http://www.cisco.com/en/us/products/ps6302/products_sub_category_home.html	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1800	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190417-wlc-cert-dos	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/79298	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-wireless-lan-controller-denial-of-service-via-iapp-message-29092	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-150302 // BID: 108008 // JVNDB: JVNDB-2019-003522 // CNNVD: CNNVD-201904-867 // NVD: CVE-2019-1800

CREDITS

Cisco

Trust: 0.9

sources: BID: 108008 // CNNVD: CNNVD-201904-867

SOURCES

db:	VULHUB	id:	VHN-150302
db:	BID	id:	108008
db:	JVNDB	id:	JVNDB-2019-003522
db:	CNNVD	id:	CNNVD-201904-867
db:	NVD	id:	CVE-2019-1800

LAST UPDATE DATE

2024-11-23T22:17:05.467000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-150302	date:	2020-10-13T00:00:00
db:	BID	id:	108008	date:	2019-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2019-003522	date:	2019-05-20T00:00:00
db:	CNNVD	id:	CNNVD-201904-867	date:	2020-10-28T00:00:00
db:	NVD	id:	CVE-2019-1800	date:	2024-11-21T04:37:24.497

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-150302	date:	2019-04-18T00:00:00
db:	BID	id:	108008	date:	2019-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2019-003522	date:	2019-05-20T00:00:00
db:	CNNVD	id:	CNNVD-201904-867	date:	2019-04-17T00:00:00
db:	NVD	id:	CVE-2019-1800	date:	2019-04-18T01:29:02.733