CVE-2020-3261: Cisco Mobility Express Software Cross-Site Request Forgery Vulnerability
First published: Wed Apr 15 2020(Updated: )
A vulnerability in the web-based management interface of Cisco Mobility Express Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user with an active session on an affected device to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions, including modifying the configuration, with the privilege level of the user.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Aironet 1542i Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 1542i Firmware | =8.10\(1.255\) | |
| Cisco Aironet 1542i Firmware | ||
| Cisco Aironet 1542D | >=8.0<8.8.130.0 | |
| Cisco Aironet 1542D | =8.10\(1.255\) | |
| Cisco Aironet 1542D | ||
| Cisco Aironet 1562 firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 1562 firmware | =8.10\(1.255\) | |
| Cisco Aironet 1562 firmware | ||
| Cisco Aironet 1562E | >=8.0<8.8.130.0 | |
| Cisco Aironet 1562E | =8.10\(1.255\) | |
| Cisco Aironet 1562E Firmware | ||
| Cisco Aironet 1562 firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 1562 firmware | =8.10\(1.255\) | |
| Cisco Aironet 1562 firmware | ||
| Cisco Aironet 1815 Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 1815 Firmware | =8.10\(1.255\) | |
| Cisco Aironet 1815 Firmware | ||
| Cisco Aironet 1830i Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 1830i Firmware | =8.10\(1.255\) | |
| Cisco Aironet 1830i Firmware | ||
| Cisco Aironet 1840i Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 1840i Firmware | =8.10\(1.255\) | |
| Cisco Aironet 1840i Firmware | ||
| Cisco Aironet 1850i Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 1850i Firmware | =8.10\(1.255\) | |
| Cisco Aironet 1850i Firmware | ||
| Cisco Aironet 2800 Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 2800 Firmware | =8.10\(1.255\) | |
| Cisco Aironet 2800 Firmware | ||
| Cisco Aironet 2800e Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 2800e Firmware | =8.10\(1.255\) | |
| Cisco Aironet 2800e Firmware | ||
| Cisco Aironet 3800 Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 3800 Firmware | =8.10\(1.255\) | |
| Cisco Aironet 3800 Firmware | ||
| Cisco Aironet 3800 Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 3800 Firmware | =8.10\(1.255\) | |
| Cisco Aironet 3800E Firmware | ||
| Cisco Aironet 3800 Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 3800 Firmware | =8.10\(1.255\) | |
| Cisco Aironet 3800P Firmware | ||
| Cisco Aironet 4800 Firmware | >=8.0<8.8.130.0 | |
| Cisco Aironet 4800 Firmware | =8.10\(1.255\) | |
| Cisco Aironet 4800 Firmware | ||
| Cisco Catalyst IW6300 DC Firmware | >=8.0<8.8.130.0 | |
| Cisco Catalyst IW6300 DC Firmware | =8.10\(1.255\) | |
| Cisco Catalyst IW6300 AC Firmware | ||
| Cisco 6300 Series Access Points Firmware | >=8.0<8.8.130.0 | |
| Cisco 6300 Series Access Points Firmware | =8.10\(1.255\) | |
| Cisco 6300 Series Access Points Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-3261?
CVE-2020-3261 is rated as high severity due to the potential for unauthenticated remote attacks using cross-site request forgery.
How do I fix CVE-2020-3261?
To fix CVE-2020-3261, you should upgrade the affected Cisco Mobility Express Software to the latest version that addresses the vulnerability.
Which Cisco products are affected by CVE-2020-3261?
CVE-2020-3261 affects various Cisco Aironet firmware versions, specifically those prior to version 8.8.130.0 and including 8.10(1.255).
Can CVE-2020-3261 be exploited remotely?
Yes, CVE-2020-3261 can be exploited remotely by an unauthenticated attacker through cross-site request forgery.
What protections are insufficient in CVE-2020-3261?
CVE-2020-3261 is due to insufficient cross-site request forgery protections in the web-based management interface of Cisco Mobility Express Software.
- agent/type
- agent/weakness
- agent/author
- agent/references
- agent/description
- agent/title
- agent/severity
- agent/event
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco aironet 1542i firmware
- version/cisco aironet 1542i firmware/8.0
- version/cisco aironet 1542i firmware/8.10\(1.255\)
- canonical/cisco aironet 1542d
- version/cisco aironet 1542d/8.0
- version/cisco aironet 1542d/8.10\(1.255\)
- canonical/cisco aironet 1562 firmware
- version/cisco aironet 1562 firmware/8.0
- version/cisco aironet 1562 firmware/8.10\(1.255\)
- canonical/cisco aironet 1562e
- version/cisco aironet 1562e/8.0
- version/cisco aironet 1562e/8.10\(1.255\)
- canonical/cisco aironet 1562e firmware
- canonical/cisco aironet 1815 firmware
- version/cisco aironet 1815 firmware/8.0
- version/cisco aironet 1815 firmware/8.10\(1.255\)
- canonical/cisco aironet 1830i firmware
- version/cisco aironet 1830i firmware/8.0
- version/cisco aironet 1830i firmware/8.10\(1.255\)
- canonical/cisco aironet 1840i firmware
- version/cisco aironet 1840i firmware/8.0
- version/cisco aironet 1840i firmware/8.10\(1.255\)
- canonical/cisco aironet 1850i firmware
- version/cisco aironet 1850i firmware/8.0
- version/cisco aironet 1850i firmware/8.10\(1.255\)
- canonical/cisco aironet 2800 firmware
- version/cisco aironet 2800 firmware/8.0
- version/cisco aironet 2800 firmware/8.10\(1.255\)
- canonical/cisco aironet 2800e firmware
- version/cisco aironet 2800e firmware/8.0
- version/cisco aironet 2800e firmware/8.10\(1.255\)
- canonical/cisco aironet 3800 firmware
- version/cisco aironet 3800 firmware/8.0
- version/cisco aironet 3800 firmware/8.10\(1.255\)
- canonical/cisco aironet 3800e firmware
- canonical/cisco aironet 3800p firmware
- canonical/cisco aironet 4800 firmware
- version/cisco aironet 4800 firmware/8.0
- version/cisco aironet 4800 firmware/8.10\(1.255\)
- canonical/cisco catalyst iw6300 dc firmware
- version/cisco catalyst iw6300 dc firmware/8.0
- version/cisco catalyst iw6300 dc firmware/8.10\(1.255\)
- canonical/cisco catalyst iw6300 ac firmware
- canonical/cisco 6300 series access points firmware
- version/cisco 6300 series access points firmware/8.0
- version/cisco 6300 series access points firmware/8.10\(1.255\)