Vulnerability Description
A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. The root Linux shell is provided for advanced troubleshooting and should not be available to individual users, even those with root privileges. The attacker must have the root password to exploit this vulnerability. More Information: CSCvb13893. Known Affected Releases: 8.2(121.0) 8.3(102.0). Known Fixed Releases: 8.4(1.53) 8.4(1.52) 8.3(111.0) 8.3(104.23) 8.2(130.0) 8.2(124.1).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Aironet Access Point | 8.1\(15.14\) |
| Cisco | Aironet 1800 | - |
| Cisco | Aironet 2800E | - |
| Cisco | Aironet 2800I | - |
| Cisco | Aironet 3800E | - |
| Cisco | Aironet 3800I | - |
| Cisco | Aironet 3800P | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97468Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038187
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/97468Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038187
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2016-9196?
CVE-2016-9196 is a vulnerability with a CVSS score of 6.7 (MEDIUM). A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to ...
How severe is CVE-2016-9196?
CVE-2016-9196 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-9196?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Aironet Access Point, Cisco Aironet 1800, Cisco Aironet 2800E, Cisco Aironet 2800I, Cisco Aironet 3800E.