First published: Thu Apr 18 2019(Updated: )
A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation on QoS fields within Wi-Fi frames by the affected device. An attacker could exploit this vulnerability by sending malformed Wi-Fi frames to an affected device. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a DoS condition.
Credit: ykramarz@cisco.com ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Aironet Access Point Firmware | ||
Cisco Aironet 1562d | ||
Cisco Aironet 1562e | ||
Cisco Aironet 1562i | ||
Cisco Aironet 2800e | ||
Cisco Aironet 2800i | ||
Cisco Aironet 3800e | ||
Cisco Aironet 3800i | ||
Cisco Aironet 3800p | ||
Cisco Aironet 4800 | ||
Cisco Aironet Access Point Firmware | =8.5\(131.3\) | |
Cisco Aironet 1850e | ||
Cisco Aironet 1850i | ||
All of | ||
Cisco Aironet Access Point Firmware | ||
Any of | ||
Cisco Aironet 1562d | ||
Cisco Aironet 1562e | ||
Cisco Aironet 1562i | ||
Cisco Aironet 2800e | ||
Cisco Aironet 2800i | ||
Cisco Aironet 3800e | ||
Cisco Aironet 3800i | ||
Cisco Aironet 3800p | ||
Cisco Aironet 4800 | ||
All of | ||
Cisco Aironet Access Point Firmware | =8.5\(131.3\) | |
Any of | ||
Cisco Aironet 1850e | ||
Cisco Aironet 1850i |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2019-1826.
The severity of CVE-2019-1826 is medium with a severity value of 5.7.
The Cisco Aironet Series Access Points (APs) with Cisco Aironet Access Point Firmware are affected by CVE-2019-1826.
An authenticated, adjacent attacker can exploit CVE-2019-1826 by causing a denial of service (DoS) condition on an affected device.
Yes, Cisco has released a security advisory with fixes for CVE-2019-1826. Please refer to the Cisco Security Advisory for more information.