Cisco Security Advisory: Cisco Mobility Express 1800 Access Point Series Authentication Bypass Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----=0D=0AHash: SHA1=0D=0A=0D=0ACis=
co Security Advisory: Cisco Mobility Express 1800 Access Point Se=
ries Authentication Bypass Vulnerability=0D=0A=0D=0AAdvisory ID: =
cisco-sa-20170315-ap1800=0D=0A=0D=0ARevision: 1.0=0D=0A=0D=0AFor =
Public Release: 2017 March 15 16:00 GMT=0D=0A=0D=0ALast Updated: =
2017 March 15 16:00 GMT=0D=0A=0D=0ACVE ID(s): CVE-2017-3831=0D=0A=
=0D=0ACVSS Score v(3): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I=
:H/A:H=0D=0A=0D=0A+----------------------------------------------=
-----------------------=0D=0A=0D=0ASummary=0D=0A=3D=3D=3D=3D=3D=3D=
=3D=0D=0AA vulnerability in the web-based GUI of Cisco Mobility E=
xpress 1800 Series Access Points could allow an unauthenticated, =
remote attacker to bypass authentication. The attacker could be g=
ranted full administrator privileges.=0D=0A=0D=0AThe vulnerabilit=
y is due to improper implementation of authentication for accessi=
ng certain web pages using the GUI interface. An attacker could e=
xploit this vulnerability by sending a crafted HTTP request to th=
e web interface of the affected system. A successful exploit coul=
d allow the attacker to bypass authentication and perform unautho=
rized configuration changes or issue control commands to the affe=
cted device.=0D=0A=0D=0ACisco has released software updates that =
address this vulnerability. There are no workarounds that address=
 this vulnerability.=0D=0A=0D=0AThis advisory is available at the=
 following link:=0D=0Ahttps://tools.cisco.com/security/center/con=
tent/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800 ["https://too=
ls.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-=
sa-20170315-ap1800"]=0D=0A=0D=0A-----BEGIN PGP SIGNATURE-----=0D=0A=
=0D=0AiQKBBAEBAgBrBQJYyWWBZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJ=
pdHkg=0D=0ASW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5ID=
IwMTYtMjAx=0D=0ANykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHlvtxAA2=
0Aufg/w2bAsLWks=0D=0Anrc2gUsx8ZfpKwm1IyZbxvvAvk/CKqVpzycMOZQFnlau=
Mp4nSVSA1DrIYnwGxgS9=0D=0AnW3Gt1yk5J6JlvTTYFCmjcJnqo8dnC9UGs4eKsa=
pCIHEyiOMyWuwk3LNbIVCk9G/=0D=0AymtCDf4cv+3380hqJpEOl/tsygmVWtmDAx=
VWiObX72N2y7XIQwUpGgteHU+ZMn15=0D=0AkliO/Odtzi6q9qlR6oEMtdoTNEx3+=
2mDH9hU0snHLBEs66eITmTbYRTuHOw9YiiJ=0D=0AfS83QMzh3d8WsXmK+d4w0gOz=
vcBznObCt7gIvBo+54asza7kohCMcM1uNQlzg3cT=0D=0A6j9Fq2/fQTWNRqdDmfF=
4OHZObR7gHIh9rCNC6jEyf4qtOIrK+MuXRVrxiHW+jUW9=0D=0AhZ1w/CInZtBSiK=
sndwA9AJkgaza8anyASjPhOJ0oIMkVoxSndieA3kqcYyixKs8N=0D=0A7Sl+CLp19=
QyffeN7SbVSeedefs29VCOrnTmHUT9qIh13/vMlcYUGyHFIhUsTs1Yq=0D=0AFDtj=
MIAST+bRime9dUpC3bNubSwLz1JuHD2AT/IWPMkCKSQVvd7f+vY+Urur+i96=0D=0A=
6PR5oizd/gP6RKL/78wp7DOGCt1ztclmpIdFBxj1LwH5KKP/lBTjvK54NUsUkoL+=0D=0A=
+CvKEPjezdvugZOOoo6K2VXf4QY=3D=0D=0A=3DXeal=0D=0A-----END PGP SIG=
NATURE-----=0D=0A