What is CVE-2019-15265?

CVE-2019-15265 is a high-severity vulnerability in Cisco Aironet Access Point Software, classified under Improper Input Validation. CVSS score: 7.4/10. Published 2019-10-16.

How severe is CVE-2019-15265?

High severity. CVSS v3 base score is 7.4 out of 10.

Improper input validation in Cisco Aironet Access Point Software

CVE-2019-15265

A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. The vulnerabili…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.002 (46.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.4 (High). Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Aironet Access Point Software — versions unspecified

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

20191016 Cisco Aironet Access Points Bridge Protocol Data Unit Port Disable Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2019-15265?: CVE-2019-15265 is a high-severity vulnerability in Cisco Aironet Access Point Software, classified under Improper Input Validation. CVSS score: 7.4/10. Published 2019-10-16.
How severe is CVE-2019-15265?: High severity. CVSS v3 base score is 7.4 out of 10.