
====================================================================

                             CERT-Renater

                 Information Note No. 2019/VULN102

_____________________________________________________________________

DATE                : 18/04/2019

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco Wireless LAN Controller Software.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-csrf
_____________________________________________________________________

Cisco Security Advisory: Cisco Wireless LAN Controller Software
Cross-Site Request Forgery Vulnerability

Advisory ID: cisco-sa-20190417-wlc-csrf

Revision: 1.0

For Public Release: 2019 April 17 16:00 GMT

Last Updated: 2019 April 17 16:00 GMT

CVE ID(s): CVE-2019-1797

CVSS Score v(3): 8.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the web-based management interface of Cisco Wireless
LAN Controller (WLC) Software could allow an unauthenticated, remote
attacker to conduct a cross-site request forgery (CSRF) attack and
perform arbitrary actions on the device with the privileges of the user,
including modifying the device configuration.

The vulnerability is due to insufficient CSRF protections for the web-
based management interface of an affected device. An attacker could
exploit this vulnerability by persuading an interface user to follow a
crafted link. A successful exploit could allow the attacker to perform
arbitrary actions on the device with the privileges of the user.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-csrf

_____________________________________________________________________

Cisco Security Advisory: Cisco Wireless LAN Controller Software IAPP
Message Handling Denial of Service Vulnerabilities

Advisory ID: cisco-sa-20190417-wlc-iapp

Revision: 1.0

For Public Release: 2019 April 17 16:00 GMT

Last Updated: 2019 April 17 16:00 GMT

CVE ID(s): CVE-2019-1796, CVE-2019-1799, CVE-2019-1800

CVSS Score v(3): 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+---------------------------------------------------------------------

Summary
=======

Multiple vulnerabilities in the handling of Inter-Access Point Protocol
(IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could
allow an unauthenticated, adjacent attacker to cause a denial of service
(DoS) condition.

The vulnerabilities exist because the software improperly validates
input on fields within IAPP messages. An attacker could exploit the
vulnerabilities by sending malicious IAPP messages to an affected
device. A successful exploit could allow the attacker to cause the Cisco
WLC Software to reload, resulting in a DoS condition.

Cisco has released software updates that address these vulnerabilities.
There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-iapp

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================
