Details of VAR-201302-0390

ID

VAR-201302-0390

CVE

CVE-2013-1131

TITLE

Cisco Small Business Wireless Access Points Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2013-00974 // CNNVD: CNNVD-201302-248

DESCRIPTION

Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, and WET200 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SSID that is not properly handled during a site survey, aka Bug IDs CSCua86182, CSCua91196, CSCud36155, and CSCua86190. Cisco Small Business Wireless access point has service disruption (DoS) There are vulnerabilities that can be affected indefinitely, such as being in a state. Successful exploits may allow an attacker to cause denial-of-service conditions. This issue is tracked by Cisco Bug IDs CSCua86182, CSCua91196, CSCud36155, and CSCua86190

Trust: 2.52

sources: NVD: CVE-2013-1131 // JVNDB: JVNDB-2013-001571 // CNVD: CNVD-2013-00974 // BID: 57973 // VULHUB: VHN-61133

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-00974

AFFECTED PRODUCTS

vendor:	cisco	model:	small business wireless access ppoints	scope:	eq	version:	wap2000	Trust: 1.6
vendor:	cisco	model:	small business wireless access ppoints	scope:	eq	version:	wap200e	Trust: 1.6
vendor:	cisco	model:	small business wireless access ppoints	scope:	eq	version:	wap200	Trust: 1.6
vendor:	cisco	model:	small business wireless access ppoints	scope:	eq	version:	wet200	Trust: 1.6
vendor:	cisco	model:	small business wireless access point	scope:	eq	version:	wap200	Trust: 0.8
vendor:	cisco	model:	small business wireless access point	scope:	eq	version:	wap2000	Trust: 0.8
vendor:	cisco	model:	small business wireless access point	scope:	eq	version:	wap200e	Trust: 0.8
vendor:	cisco	model:	small business wireless access point	scope:	eq	version:	wet200	Trust: 0.8
vendor:	cisco	model:	small business wireless access points wap200 /wap2000 /wap200e /et200	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	small business wireless access points wet200	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	small business wireless access points wap200e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	small business wireless access points wap2000	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	small business wireless access points wap200	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2013-00974 // BID: 57973 // JVNDB: JVNDB-2013-001571 // CNNVD: CNNVD-201302-248 // NVD: CVE-2013-1131

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-1131
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-1131
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201302-248
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-61133
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-1131
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:A/AC:M/AU:N/C:N/I:P/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	5.5
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-61133
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:A/AC:M/AU:N/C:N/I:P/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	5.5
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-61133 // JVNDB: JVNDB-2013-001571 // CNNVD: CNNVD-201302-248 // NVD: CVE-2013-1131

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-1131

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201302-248

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201302-248

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-001571

PATCH

title:	Cisco Small Business Wireless Access Points SSID Validation Vulnerability	url:	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1131	Trust: 0.8
title:	Patch for Cisco Small Business Wireless Access Points Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/31844	Trust: 0.6

sources: CNVD: CNVD-2013-00974 // JVNDB: JVNDB-2013-001571

EXTERNAL IDS

db:	NVD	id:	CVE-2013-1131	Trust: 3.4
db:	JVNDB	id:	JVNDB-2013-001571	Trust: 0.8
db:	CNNVD	id:	CNNVD-201302-248	Trust: 0.7
db:	CNVD	id:	CNVD-2013-00974	Trust: 0.6
db:	CISCO	id:	20130213 CISCO SMALL BUSINESS WIRELESS ACCESS POINTS SSID VALIDATION VULNERABILITY	Trust: 0.6
db:	BID	id:	57973	Trust: 0.4
db:	VULHUB	id:	VHN-61133	Trust: 0.1

sources: CNVD: CNVD-2013-00974 // VULHUB: VHN-61133 // BID: 57973 // JVNDB: JVNDB-2013-001571 // CNNVD: CNNVD-201302-248 // NVD: CVE-2013-1131

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1131	Trust: 2.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1131	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1131	Trust: 0.8
url:	http://www.cisco.com/en/us/products/ps10047/index.html	Trust: 0.3

sources: CNVD: CNVD-2013-00974 // VULHUB: VHN-61133 // BID: 57973 // JVNDB: JVNDB-2013-001571 // CNNVD: CNNVD-201302-248 // NVD: CVE-2013-1131

CREDITS

Cisco

Trust: 0.3

sources: BID: 57973

SOURCES

db:	CNVD	id:	CNVD-2013-00974
db:	VULHUB	id:	VHN-61133
db:	BID	id:	57973
db:	JVNDB	id:	JVNDB-2013-001571
db:	CNNVD	id:	CNNVD-201302-248
db:	NVD	id:	CVE-2013-1131

LAST UPDATE DATE

2025-04-11T23:10:41.106000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-00974	date:	2013-02-19T00:00:00
db:	VULHUB	id:	VHN-61133	date:	2013-02-14T00:00:00
db:	BID	id:	57973	date:	2013-02-13T00:00:00
db:	JVNDB	id:	JVNDB-2013-001571	date:	2013-02-15T00:00:00
db:	CNNVD	id:	CNNVD-201302-248	date:	2013-02-19T00:00:00
db:	NVD	id:	CVE-2013-1131	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-00974	date:	2013-02-19T00:00:00
db:	VULHUB	id:	VHN-61133	date:	2013-02-13T00:00:00
db:	BID	id:	57973	date:	2013-02-13T00:00:00
db:	JVNDB	id:	JVNDB-2013-001571	date:	2013-02-15T00:00:00
db:	CNNVD	id:	CNNVD-201302-248	date:	2013-02-19T00:00:00
db:	NVD	id:	CVE-2013-1131	date:	2013-02-13T23:55:01.320