CVE-2019-1897

A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to disconnect clients that are connected to the guest network on an affected router. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for device disconnection and providing the connected device information. A successful exploit could allow the attacker to deny service to specific clients that are connected to the guest network.

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/108848	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-rv-dos	Vendor Advisory
https://www.tenable.com/security/research/tra-2019-29	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:rv110w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:rv130w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:rv215w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-06-20 03:15

Updated : 2024-02-28 17:08

NVD link : CVE-2019-1897

Mitre link : CVE-2019-1897

CVE.ORG link : CVE-2019-1897

JSON object : View

Products Affected

cisco

rv130w_firmware
rv130w
rv110w_firmware
rv215w_firmware
rv110w
rv215w

CWE

CWE-306

Missing Authentication for Critical Function

CWE-285

Improper Authorization

{"id": "CVE-2019-1897", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2019-06-20T03:15:12.353", "references": [{"url": "http://www.securityfocus.com/bid/108848", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-rv-dos", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "https://www.tenable.com/security/research/tra-2019-29", "tags": ["Exploit", "Third Party Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-285"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to disconnect clients that are connected to the guest network on an affected router. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for device disconnection and providing the connected device information. A successful exploit could allow the attacker to deny service to specific clients that are connected to the guest network."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores RV110W, RV130W y RV215W de Cisco, podr\u00eda permitir a un atacante remoto no autenticado desconectar a los clientes que est\u00e1n conectados a la red de invitado en un enrutador afectado. Una vulnerabilidad es debido a la autorizaci\u00f3n inapropiada de una petici\u00f3n HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad accediendo a la URL para la desconexi\u00f3n del dispositivo y proporcionando la informaci\u00f3n del dispositivo conectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante denegar el servicio a clientes espec\u00edficos que se encuentran conectados a la red de invitado."}], "lastModified": "2020-10-16T15:06:03.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv110w_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "981CCB8D-D73D-469A-9BB2-4612E132FC38"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "20E8ECAC-E842-41DB-9612-9374A9648DC2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv130w_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4E299E1-FDD8-4DF4-B255-1F8FACC7664B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C3C9AFAA-1387-4067-AF7E-2E4AAD2A272A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv215w_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78E44728-3154-40D6-B051-57B4BD869551"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8686AB22-F757-468A-930B-DDE45B508969"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}