CVE-2020-3261

Published Apr 15, 2020
Last updated 3 months ago
CVSS medium 6.5
Overview

Description: A vulnerability in the web-based management interface of Cisco Mobility Express Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user with an active session on an affected device to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions, including modifying the configuration, with the privilege level of the user.
Source: ykramarz@cisco.com
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Severity: MEDIUM
CVSS 3.0

Type: Secondary
Base score: 8.1
Impact score: 5.2
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

ykramarz@cisco.com: CWE-352
nvd@nist.gov: CWE-352
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1542i_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4743D728-DE98-4ECF-9C19-495D74F8E26B",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1542i_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CD95A3A-ECAD-4464-B7B1-C9A8F4D4FE4E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1542d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33B38D29-731C-46FD-8937-2CCB75CCBE9E",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1542d_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CC3DD26-1AEB-4E02-92C3-2B72AC552AC1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1562i_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34C96EE1-C7B8-4473-A7CB-5484CAAA5A67",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1562i_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B05F6D72-0E41-4436-B4B8-436BF13AA152"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1562e_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C36C2A23-8B4A-4A01-9947-30D5A763DE1A",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1562e_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28198B57-F0D0-46B8-8FCB-8D239C150DFB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1562d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C68430E0-1022-4F34-BEA9-DC68B8A7662E",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1562d_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F48A0DB5-65D7-4272-B7C0-52888346A650"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1815_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1DDF107-2C92-4479-AF05-FE81305E4D34",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1815_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C85C7BC2-1A61-4347-A6CC-9429F4DE086A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1830_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DAB9A21-B740-4B43-AF53-5A96D1D39659",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1830_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59E830C6-3580-473D-98BD-E0E544ED4185"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1830:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "093AB3A8-853B-4094-BFB5-6A8775AAA8D3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1840_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DEE5B56-01C3-4C96-9ED5-4EC8245B3AC2",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1840_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33866E28-2081-46FA-83C6-957C031682F1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1840:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A69CA9D6-914D-436F-AA81-B218CC312D29"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1850_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13A84D4B-F455-4838-9C1E-6B13BCCA0B72",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_1850_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CAB0CEC3-BBEF-4103-B952-2813596E0C2F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1850:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE0B76A8-377E-4176-8F04-B0D468D4E767"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_2800i_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B14D6BC8-C900-47C3-9CB6-A705CAB526EC",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_2800i_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F05A57CB-944C-4BC0-86BE-098E9001F4AF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_2800e_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16C65C71-9805-4CE9-9612-504CA83A923A",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_2800e_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FC00793-2FA7-4828-9982-D148C82229AB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_3800i_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13219F7A-9396-44D9-B01C-AAD44DD350A8",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_3800i_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C32AA518-D8B0-4836-A1A0-79EAE97A9B85"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_3800e_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "115A547A-9CB9-4488-9BAF-5222A16E5264",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_3800e_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CF1D2BA-0293-4323-8295-76A9F6D0DC72"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_3800p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "515B7F08-03BA-4BC9-A663-930C2FC6E003",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_3800p_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F59162B-4AD3-4AFC-9A83-266531B37BC4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_4800_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A96FD2AD-66EF-4E40-ADA8-6B04CDC16C0B",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_4800_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4D7F5DD-253F-4838-9D03-881138F52EAE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:catalyst_iw6300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F48F9C4-58D2-4B15-9BC3-E90DC1E82399",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:catalyst_iw6300_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "220BA40C-28C6-4CBB-B35C-FDDDD89DBEF1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:6300_series_access_points_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B7F56FF-85B8-49B2-858D-A6FA4C1C5CD2",
            "versionEndExcluding": "8.8.130.0",
            "versionStartIncluding": "8.0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:6300_series_access_points_firmware:8.10\\(1.255\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "543A29BF-3166-4EF9-A075-50EB9CB0E9FC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:6300_series_access_points:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6E6F57DE-E039-49D7-B240-48CBD9CACD6C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
