CVE-2019-15264 (CNNVD-201910-1112)
中文标题:
Cisco Aironet and Catalyst 9100 Access Points 资源管理错误漏洞
英文标题:
Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability
漏洞描述
中文描述:
Cisco Aironet and Catalyst 9100 Access Points (APs) 中的Control and Provisioning of Wireless Access Points (CAPWAP)协议实现存在资源管理错误漏洞,该漏洞源于程序没有进行正确的资源管理。攻击者可通过在短时间内发送大量的合法无线管理帧利用该漏洞造成拒绝服务。以下产品及版本受到影响:Cisco Aironet 1540;Series Aps;Aironet 1560 Series Aps;Aironet 1800 Series APs;Aironet 2800 Series APs;Aironet 3800 Series APs;Aironet 4800 APs;Catalyst 9100 APs。
英文描述:
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to improper resource management during CAPWAP message processing. An attacker could exploit this vulnerability by sending a high volume of legitimate wireless management frames within a short time to an affected device. A successful exploit could allow the attacker to cause a device to restart unexpectedly, resulting in a DoS condition for clients associated with the AP.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Cisco | Cisco Aironet Access Point Software | - | < n/a | - |
cpe:2.3:a:cisco:cisco_aironet_access_point_software:*:*:*:*:*:*:*:*
|
| cisco | aironet_1540_firmware | - | - | - |
cpe:2.3:o:cisco:aironet_1540_firmware:-:*:*:*:*:*:*:*
|
| cisco | aironet_1560_firmware | - | - | - |
cpe:2.3:o:cisco:aironet_1560_firmware:-:*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | - | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:-:*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.9\(1.249\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(1.249\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.9\(1.255\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(1.255\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.9\(4.28\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.28\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.9\(4.41\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.41\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.9\(4.49\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.49\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.9\(4.55\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.55\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.9\(4.58\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(4.58\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.9\(104.24\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.9\(104.24\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.10\(1.139\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.10\(1.139\):*:*:*:*:*:*:*
|
| cisco | aironet_1850_firmware | 8.10\(1.146\) | - | - |
cpe:2.3:o:cisco:aironet_1850_firmware:8.10\(1.146\):*:*:*:*:*:*:*
|
| cisco | aironet_2800_firmware | - | - | - |
cpe:2.3:o:cisco:aironet_2800_firmware:-:*:*:*:*:*:*:*
|
| cisco | aironet_3800_firmware | - | - | - |
cpe:2.3:o:cisco:aironet_3800_firmware:-:*:*:*:*:*:*:*
|
| cisco | aironet_4800_firmware | - | - | - |
cpe:2.3:o:cisco:aironet_4800_firmware:-:*:*:*:*:*:*:*
|
| cisco | catalyst_9100_firmware | - | - | - |
cpe:2.3:o:cisco:catalyst_9100_firmware:-:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
CVSS评分详情
3.0 (cna)
HIGHCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2019-15264 |
2025-11-11 15:20:03 | 2025-11-11 07:35:35 |
| NVD | nvd_CVE-2019-15264 |
2025-11-11 14:56:28 | 2025-11-11 07:44:07 |
| CNNVD | cnnvd_CNNVD-201910-1112 |
2025-11-11 15:10:18 | 2025-11-11 07:54:58 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 资源管理错误
- cnnvd_id: 未提取 -> CNNVD-201910-1112
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- affected_products_count: 1 -> 18
- data_sources: ['cve'] -> ['cve', 'nvd']