Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-0235
HistoryMay 02, 2018 - 10:29 p.m.

CVE-2018-0235

2018-05-0222:29:00
CWE-20
[email protected]
web.nvd.nist.gov
7

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

22.9%

JSON

A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of certain 802.11 management information element frames that an affected device receives from wireless clients. An attacker could exploit this vulnerability by sending a malformed 802.11 management frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects only Cisco Wireless LAN Controllers that are running Cisco Mobility Express Release 8.5.103.0. Cisco Bug IDs: CSCvg07024.

Affected configurations

Nvd
Node
ciscowireless_lan_controller_softwareMatch8.6\(1.106\)
OR
ciscowireless_lan_controller_softwareMatch8.6\(1.114\)
VendorProductVersionCPE
ciscowireless_lan_controller_software8.6(1.106)cpe:2.3:o:cisco:wireless_lan_controller_software:8.6\(1.106\):*:*:*:*:*:*:*
ciscowireless_lan_controller_software8.6(1.114)cpe:2.3:o:cisco:wireless_lan_controller_software:8.6\(1.114\):*:*:*:*:*:*:*

Related

cve 1
cvelist 1
prion 1
cisco 1
nessus 1
cve
cve
CVE-2018-0235
2018-05-02 22:29:00
cvelist
cvelist
CVE-2018-0235
2018-05-02 22:00:00
prion
prion
Input validation
2018-05-02 22:29:00
cisco
cisco
Cisco Wireless LAN Controller 802.11 Management Frame Denial of Service Vulnerability
2018-05-02 16:00:00
nessus
nessus
Cisco Wireless LAN Controller Multiple Vulnerabilities
2018-05-11 00:00:00

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

22.9%

JSON
Related for NVD:CVE-2018-0235
cve1cvelist1prion1cisco1nessus1