Vulnerability Details CVE-2019-1830
A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service (DoS) condition. The attacker would need to have valid administrator credentials. The vulnerability is due to incorrect input validation of the HTTP URL used to establish a connection to the LSC Certificate Authority (CA). An attacker could exploit this vulnerability by authenticating to the targeted device and configuring a LSC certificate. An exploit could allow the attacker to cause a DoS condition due to an unexpected restart of the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.0%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 6.8
References
Products affected by CVE-2019-1830
-
cpe:2.3:a:cisco:wireless_lan_controller_software:*
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.2.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.4.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.4.1.1
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.4.1.19
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.4.100.60
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.5.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.6.1.62
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.6.110.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.6.120.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:7.6.130.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.100
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.115.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.120.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.132.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.72.140
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.0_base
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.1(111.0)
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.104.37
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.111.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.122.0
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.3
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.3(141.0)
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.7
-
cpe:2.3:a:cisco:wireless_lan_controller_software:8.8.