CVE-2019-1920
Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.4EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
17 jul 2019Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling condition for client authentication requests sent to a targeted interface configured for FT. An attacker could exploit this vulnerability by sending crafted authentication request traffic to the targeted interface, causing the device to restart unexpectedly.
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Productos afectados
Cisco · Cisco Aironet Access Point Software