CVE-2017-3831
Last modified
CVE-2017-3831 is a vulnerability of currently unknown severity. A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. EPSS estimates a 5.27% chance of exploitation in the next 30 days.
Description
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. This vulnerability affects Cisco Mobility Express 1800 Series Access Points running a software version prior to 8.2.110.0. Cisco Bug IDs: CSCuy68219.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Aironet Access Point Software | 8.1\(15.14\) |
| Cisco | Aironet Access Point Software | 8.1\(112.3\) |
| Cisco | Aironet Access Point Software | 8.1\(112.4\) |
| Cisco | Aironet Access Point Software | 8.1\(131.0\) |
References
- http://www.securityfocus.com/bid/96909Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/96909Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-3831?
How severe is CVE-2017-3831?
How do I fix CVE-2017-3831?
Are you affected by CVE-2017-3831?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST