Executive Summary

Informations
NameCVE-2019-1805First vendor Publication2019-04-17
VendorCveLast vendor Modification2019-04-19

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score3.3Attack RangeAdjacent network
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score6.5AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input- and validation-checking mechanisms for inbound SSH connections on an affected device. An attacker could exploit this vulnerability by attempting to establish an SSH connection to an affected controller. An exploit could allow the attacker to access an affected device's CLI to potentially cause further attacks. This vulnerability has been fixed in version 8.5(140.0).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1805

CWE : Common Weakness Enumeration

%idName
100 %CWE-284Access Control (Authorization) Issues

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/108003
CISCO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-04-19 17:18:59
  • Multiple Updates
2019-04-19 13:19:06
  • Multiple Updates
2019-04-18 09:19:12
  • First insertion