CVE-2019-15264
MEDIUM
Cisco Aironet and Catalyst 9100 Access Points - Unauthenticated Denial of Service via CAPWAP Message Flood
Title source: llm
Description
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to improper resource management during CAPWAP message processing. An attacker could exploit this vulnerability by sending a high volume of legitimate wireless management frames within a short time to an affected device. A successful exploit could allow the attacker to cause a device to restart unexpectedly, resulting in a DoS condition for clients associated with the AP.
References (1)
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-capwap-dos
Scores
CVSS v3: 6.5
EPSS: 0.0046
EPSS Percentile: 36.4%
Attack Vector: ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-400
Status: published
Products (17)
cisco/aironet_1540_firmware
cisco/aironet_1560_firmware
cisco/aironet_1850_firmware
cisco/aironet_1850_firmware 8.9(1.249)
cisco/aironet_1850_firmware 8.9(1.255)
cisco/aironet_1850_firmware 8.9(4.28)
cisco/aironet_1850_firmware 8.9(4.41)
cisco/aironet_1850_firmware 8.9(4.49)
cisco/aironet_1850_firmware 8.9(4.55)
cisco/aironet_1850_firmware 8.9(4.58)
... and 7 more
Published: Oct 16, 2019
Tracked Since: Feb 18, 2026