CVE-2018-15395

Name of the Vulnerable Software and Affected Versions Cisco Wireless LAN Controller (WLC) Software (affected versions not specified)

Description A vulnerability in the authentication and authorization checking mechanisms could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain, which should be prohibited under normal circumstances. The issue is related to the dynamic assignment of Security Group Tags (SGTs) during a wireless roam from one Service Set Identifier (SSID) to another within the Cisco TrustSec domain. An attacker could exploit this by attempting to acquire an SGT from other SSIDs within the domain, potentially gaining privileged network access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.