Vulnerabilities > Cisco > Aironet Access Point Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-3559 | Resource Exhaustion vulnerability in Cisco products A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.8 |
| 2018-05-02 | CVE-2018-0250 | Protection Mechanism Failure vulnerability in Cisco Aironet Access Point Software 8.2(160.0)/8.4(100.0)/8.7(1.3) A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL). | 2.7 |
| 2018-05-02 | CVE-2018-0249 | Unspecified vulnerability in Cisco Aironet Access Point Software 8.2(161.0) A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. low complexity cisco | 3.3 |
| 2018-05-02 | CVE-2018-0247 | Improper Authentication vulnerability in Cisco products A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. | 3.3 |
| 2018-05-02 | CVE-2018-0234 | Improper Input Validation vulnerability in Cisco Aironet Access Point Software 8.4(100.0)/8.5(103.0)/8.5(105.0) A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.8 |
| 2017-03-15 | CVE-2017-3831 | Improper Authentication vulnerability in Cisco Aironet Access Point Software A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. | 10.0 |
| 2017-01-26 | CVE-2016-9221 | Resource Management Errors vulnerability in Cisco Aironet Access Point Software 8.2(121.12)/8.4(1.82) A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. | 3.3 |
| 2017-01-26 | CVE-2016-9220 | Resource Management Errors vulnerability in Cisco Aironet Access Point Software 8.2(130.0) A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. | 3.3 |
| 2016-08-22 | CVE-2016-6363 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Aironet Access Point Software The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192. | 6.1 |
| 2016-08-22 | CVE-2016-6362 | Permissions, Privileges, and Access Controls vulnerability in Cisco Aironet Access Point Software Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725. | 7.2 |