CVE-2018-0442

Name of the Vulnerable Software and Affected Versions Cisco Wireless LAN Controller (WLC) Software (affected versions not specified)

Description A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component could allow an unauthenticated, remote attacker to retrieve memory contents, leading to the disclosure of confidential information. The issue is due to insufficient condition checks in the code handling CAPWAP keepalive requests. An attacker could exploit this by sending a crafted CAPWAP keepalive packet to a vulnerable device. A successful exploit could allow the attacker to retrieve device memory contents, potentially disclosing confidential information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.