1. CVE-Search
  2. CVE-2019-1920
ID CVE-2019-1920
Summary A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling condition for client authentication requests sent to a targeted interface configured for FT. An attacker could exploit this vulnerability by sending crafted authentication request traffic to the targeted interface, causing the device to restart unexpectedly.
References
Vulnerable Configurations
  • cpe:2.3:o:cisco:aironet_3700e_firmware:15.3\(3\)jc14:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:aironet_3700e_firmware:15.3\(3\)jc14:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:aironet_3700e_firmware:15.3\(3\)jd6:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:aironet_3700e_firmware:15.3\(3\)jd6:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:aironet_3700e:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:aironet_3700e:-:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:aironet_3700i_firmware:15.3\(3\)jc14:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:aironet_3700i_firmware:15.3\(3\)jc14:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:aironet_3700i_firmware:15.3\(3\)jd6:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:aironet_3700i_firmware:15.3\(3\)jd6:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:aironet_3700i:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:aironet_3700i:-:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:aironet_3700p_firmware:15.3\(3\)jc14:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:aironet_3700p_firmware:15.3\(3\)jc14:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:aironet_3700p_firmware:15.3\(3\)jd6:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:aironet_3700p_firmware:15.3\(3\)jd6:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:aironet_3700p:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:aironet_3700p:-:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:access_points:8.0\(140.0\):*:*:*:*:*:*:*
    cpe:2.3:o:cisco:access_points:8.0\(140.0\):*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:access_points:8.2\(141.0\):*:*:*:*:*:*:*
    cpe:2.3:o:cisco:access_points:8.2\(141.0\):*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:access_points:8.2\(151.0\):*:*:*:*:*:*:*
    cpe:2.3:o:cisco:access_points:8.2\(151.0\):*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:access_points:8.3\(102.0\):*:*:*:*:*:*:*
    cpe:2.3:o:cisco:access_points:8.3\(102.0\):*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:access_points:8.3\(112.0\):*:*:*:*:*:*:*
    cpe:2.3:o:cisco:access_points:8.3\(112.0\):*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:access_points:8.3\(114.74\):*:*:*:*:*:*:*
    cpe:2.3:o:cisco:access_points:8.3\(114.74\):*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:access_points:8.3.140.0:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:access_points:8.3.140.0:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*
CVSS
Base: 6.1 (as of 16-10-2020 - 15:11)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:A/AC:L/Au:N/C:N/I:N/A:C
refmap via4
bid 109312
cisco 20190717 Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability
Last major update 16-10-2020 - 15:11
Published 17-07-2019 - 21:15
Last modified 16-10-2020 - 15:11
Back to Top