CVE-2019-1830 - CERT CVE
ID CVE-2019-1830
Sažetak A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service (DoS) condition. The attacker would need to have valid administrator credentials. The vulnerability is due to incorrect input validation of the HTTP URL used to establish a connection to the LSC Certificate Authority (CA). An attacker could exploit this vulnerability by authenticating to the targeted device and configuring a LSC certificate. An exploit could allow the attacker to cause a DoS condition due to an unexpected restart of the device.
Reference
CVSS
Base: 6.8
Impact: 6.9
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE COMPLETE
CVSS vektor AV:N/AC:L/Au:S/C:N/I:N/A:C
Zadnje važnije ažuriranje 09-10-2019 - 23:48
Objavljeno 18-04-2019 - 02:29