CVE-2017-3831
First published: Wed Mar 15 2017(Updated: )
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Access Point Software | =8.1\(15.14\) | |
| Cisco Access Point Software | =8.1\(112.3\) | |
| Cisco Access Point Software | =8.1\(112.4\) | |
| Cisco Access Point Software | =8.1\(131.0\) | |
| Cisco Aironet 1810 | ||
| Cisco Aironet 1810w | ||
| Cisco Aironet 1815i | ||
| Cisco Aironet 1830E Firmware | ||
| Cisco Aironet 1830i Access Point | ||
| Cisco Aironet 1850e Access Point | ||
| Cisco Aironet 1850i Access Point |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-3831?
CVE-2017-3831 has been rated as a high-severity vulnerability due to its potential to allow unauthenticated access to administrative functions.
How do I fix CVE-2017-3831?
To remediate CVE-2017-3831, update the affected Cisco Mobility Express 1800 Series Access Points to the latest software version that addresses this vulnerability.
What versions are affected by CVE-2017-3831?
CVE-2017-3831 affects specific versions of Cisco Aironet Access Point Software including 8.1(15.14), 8.1(112.3), 8.1(112.4), and 8.1(131.0).
Can CVE-2017-3831 be exploited remotely?
Yes, CVE-2017-3831 can be exploited remotely by an unauthenticated attacker, allowing them to gain full administrative privileges.
What are the implications of CVE-2017-3831?
The exploitation of CVE-2017-3831 can lead to unauthorized access and control over network configurations, posing significant security risks.
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco access point software
- version/cisco access point software/8.1\(15.14\)
- version/cisco access point software/8.1\(112.3\)
- version/cisco access point software/8.1\(112.4\)
- version/cisco access point software/8.1\(131.0\)
- canonical/cisco aironet 1810
- canonical/cisco aironet 1810w
- canonical/cisco aironet 1815i
- canonical/cisco aironet 1830e firmware
- canonical/cisco aironet 1830i access point
- canonical/cisco aironet 1850e access point
- canonical/cisco aironet 1850i access point