Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-20695

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication and log in to the device as an administrator. The attacker could obtain privileges that are the same level as an administrative user but it depends on the crafted credentials. Note: This vulnerability exists because of a non-default device configuration that must be present for it to be exploitable. For details about the vulnerable configuration, see the Vulnerable Products section of this advisory.

Published

2022-04-15T15:15:12.917

Last Modified

2024-11-21T06:43:20.707

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 10.0 (CRITICAL)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-303
Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	wireless_lan_controller_8.10.151.0	*	Yes
Application	cisco	wireless_lan_controller_8.10.162.0	*	Yes
Application	cisco	virtual_wireless_controller	-	No
Hardware	cisco	3504_wireless_controller	-	No
Hardware	cisco	5520_wireless_controller	-	No
Hardware	cisco	8540_wireless_controller	-	No
Hardware	cisco	aironet_1540	-	No
Hardware	cisco	aironet_1542d	-	No
Hardware	cisco	aironet_1542i	-	No
Hardware	cisco	aironet_1560	-	No
Hardware	cisco	aironet_1562d	-	No
Hardware	cisco	aironet_1562e	-	No
Hardware	cisco	aironet_1562i	-	No
Hardware	cisco	aironet_1815	-	No
Hardware	cisco	aironet_1815i	-	No
Hardware	cisco	aironet_1815m	-	No
Hardware	cisco	aironet_1815t	-	No
Hardware	cisco	aironet_1815w	-	No
Hardware	cisco	aironet_1830	-	No
Hardware	cisco	aironet_1830e	-	No
Hardware	cisco	aironet_1830i	-	No
Hardware	cisco	aironet_1832	-	No
Hardware	cisco	aironet_1850	-	No
Hardware	cisco	aironet_1850e	-	No
Hardware	cisco	aironet_1850i	-	No
Hardware	cisco	aironet_1852	-	No
Hardware	cisco	aironet_2800	-	No
Hardware	cisco	aironet_2800e	-	No
Hardware	cisco	aironet_2800i	-	No
Hardware	cisco	aironet_3800	-	No
Hardware	cisco	aironet_3800e	-	No
Hardware	cisco	aironet_3800i	-	No
Hardware	cisco	aironet_3800p	-	No
Hardware	cisco	aironet_4800	-	No

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)