Sign-up

ID

VAR-201904-0428


CVE

CVE-2019-1805


TITLE

Cisco Wireless LAN Controller Software access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003520

DESCRIPTION

A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input- and validation-checking mechanisms for inbound SSH connections on an affected device. An attacker could exploit this vulnerability by attempting to establish an SSH connection to an affected controller. An exploit could allow the attacker to access an affected device's CLI to potentially cause further attacks. This vulnerability has been fixed in version 8.5(140.0). This may lead to further attacks. This issue is being tracked by Cisco Bug ID CSCvk79421

Trust: 1.98

sources: NVD: CVE-2019-1805 // JVNDB: JVNDB-2019-003520 // BID: 108003 // VULHUB: VHN-150357

AFFECTED PRODUCTS

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:8.3\(141.0\)

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:series wireless controllersscope:eqversion:55008.3(141.0)

Trust: 0.3

vendor:ciscomodel:series wireless controllersscope:neversion:55008.5(140.0)

Trust: 0.3

vendor:ciscomodel:series wireless controllersscope:neversion:55008.5(137.90)

Trust: 0.3

vendor:ciscomodel:series wireless controllersscope:neversion:55008.3(146.2)

Trust: 0.3

sources: BID: 108003 // JVNDB: JVNDB-2019-003520 // NVD: CVE-2019-1805

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1805
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1805
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1805
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201904-854
value: MEDIUM

Trust: 0.6

VULHUB: VHN-150357
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-1805
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-150357
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1805
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1805
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.5
version: 3.0

Trust: 1.0

NVD: CVE-2019-1805
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-150357 // JVNDB: JVNDB-2019-003520 // CNNVD: CNNVD-201904-854 // NVD: CVE-2019-1805 // NVD: CVE-2019-1805

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.9

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-150357 // JVNDB: JVNDB-2019-003520 // NVD: CVE-2019-1805

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201904-854

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 108003 // CNNVD: CNNVD-201904-854

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-003520

PATCH
title:cisco-sa-20190417-wlc-sshurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-ssh
Trust: 0.8
title:Cisco Wireless LAN Controller Software Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91688
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-003520 // 
            
            
            
            CNNVD: CNNVD-201904-854

EXTERNAL IDS
db:NVDid:CVE-2019-1805
Trust: 2.8
db:BIDid:108003
Trust: 2.0
db:JVNDBid:JVNDB-2019-003520
Trust: 0.8
db:CNNVDid:CNNVD-201904-854
Trust: 0.7
db:AUSCERTid:ESB-2019.1333
Trust: 0.6
db:VULHUBid:VHN-150357
Trust: 0.1
sources:
            
            
            VULHUB: VHN-150357 // 
            
            
            
            BID: 108003 // 
            
            
            
            JVNDB: JVNDB-2019-003520 // 
            
            
            
            CNNVD: CNNVD-201904-854 // 
            
            
            
            NVD: CVE-2019-1805

REFERENCES
url:http://www.securityfocus.com/bid/108003
Trust: 2.3
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190417-wlc-ssh
Trust: 2.0
url:https://nvd.nist.gov/vuln/detail/cve-2019-1805
Trust: 1.4
url:http://www.cisco.com/
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1805
Trust: 0.8
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190417-wlc-cert-dos
Trust: 0.6
url:https://www.auscert.org.au/bulletins/79298
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-wireless-lan-controller-privilege-escalation-via-ssh-29093
Trust: 0.6
sources:
            
            
            VULHUB: VHN-150357 // 
            
            
            
            BID: 108003 // 
            
            
            
            JVNDB: JVNDB-2019-003520 // 
            
            
            
            CNNVD: CNNVD-201904-854 // 
            
            
            
            NVD: CVE-2019-1805

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 108003 // 
            
            
            
            CNNVD: CNNVD-201904-854

SOURCES
db:VULHUBid:VHN-150357
db:BIDid:108003
db:JVNDBid:JVNDB-2019-003520
db:CNNVDid:CNNVD-201904-854
db:NVDid:CVE-2019-1805

LAST UPDATE DATE
2024-11-23T22:17:05.406000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-150357date:2020-10-13T00:00:00
db:BIDid:108003date:2019-04-17T00:00:00
db:JVNDBid:JVNDB-2019-003520date:2019-05-20T00:00:00
db:CNNVDid:CNNVD-201904-854date:2020-10-28T00:00:00
db:NVDid:CVE-2019-1805date:2024-11-21T04:37:25.007

SOURCES RELEASE DATE
db:VULHUBid:VHN-150357date:2019-04-18T00:00:00
db:BIDid:108003date:2019-04-17T00:00:00
db:JVNDBid:JVNDB-2019-003520date:2019-05-20T00:00:00
db:CNNVDid:CNNVD-201904-854date:2019-04-17T00:00:00
db:NVDid:CVE-2019-1805date:2019-04-18T01:29:02.890