Cisco Wireless LAN Controller Locally Significant Certificate Denial of Service Vulnerability

medium Nessus Plugin ID 124334

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco Wireless LAN Controller (WLC) is affected by following vulnerability

- A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service (DoS) condition. The attacker would need to have valid administrator credentials.The vulnerability is due to incorrect input validation of the HTTP URL used to establish a connection to the LSC Certificate Authority (CA). An attacker could exploit this vulnerability by authenticating to the targeted device and configuring a LSC certificate. An exploit could allow the attacker to cause a DoS condition due to an unexpected restart of the device. (CVE-2019-1830)

Please see the included Cisco BIDs and Cisco Security Advisory for more information

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvj07995

See Also

http://www.nessus.org/u?6ef69a18

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj07995

Plugin Details

Severity: Medium

ID: 124334

File Name: cisco-sa-20190417-wlc-cert-dos.nasl

Version: 1.8

Type: combined

Family: CISCO

Published: 4/26/2019

Updated: 5/14/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2019-1830

CVSS v3

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:wireless_lan_controller_software, cpe:/h:cisco:wireless_lan_controller

Required KB Items: Host/Cisco/WLC/Version, Host/Cisco/WLC/Port

Exploit Ease: No known exploits are available

Patch Publication Date: 4/17/2019

Vulnerability Publication Date: 4/17/2019

Reference Information

CVE: CVE-2019-1830

BID: 108028

CWE: CWE-20

CISCO-SA: cisco-sa-20190417-wlc-cert-dos

IAVA: 2019-A-0132

CISCO-BUG-ID: CSCvj07995