Cisco Wireless LAN Controller Secure Shell Unauthorized Access Vulnerability

medium Nessus Plugin ID 124333

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco Wireless LAN Controller (WLC) is affected by following vulnerability

- A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device.The vulnerability is due to a lack of proper input- and validation-checking mechanisms for inbound SSH connections on an affected device. An attacker could exploit this vulnerability by attempting to establish an SSH connection to an affected controller. An exploit could allow the attacker to access an affected device's CLI to potentially cause further attacks. (CVE-2019-1805)

Please see the included Cisco BIDs and Cisco Security Advisory for more information

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvk79421

See Also

http://www.nessus.org/u?f076a8ed

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk79421

Plugin Details

Severity: Medium

ID: 124333

File Name: cisco-sa-20190417-wlc-ssh.nasl

Version: 1.7

Type: local

Family: CISCO

Published: 4/26/2019

Updated: 8/20/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Low

Base Score: 3.3

Temporal Score: 2.4

Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2019-1805

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.8

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/Cisco/WLC/Version, Host/Cisco/WLC/Port

Exploit Ease: No known exploits are available

Patch Publication Date: 4/17/2019

Vulnerability Publication Date: 4/17/2019

Reference Information

CVE: CVE-2019-1805

BID: 108003

CWE: CWE-284

CISCO-SA: cisco-sa-20190417-wlc-ssh

IAVA: 2019-A-0132

CISCO-BUG-ID: CSCvk79421