CVE-2018-0235

Name of the Vulnerable Software and Affected Versions: Cisco Wireless LAN Controller version 8.5.103.0

Description: A vulnerability in the 802.11 frame validation functionality could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This is due to incomplete input validation of certain 802.11 management information element frames received from wireless clients. An attacker could exploit this by sending a malformed 802.11 management frame to an affected device, causing it to reload and resulting in a DoS condition.

Recommendations: For Cisco Wireless LAN Controller version 8.5.103.0, update to a version that includes the fix for this issue to prevent unexpected reloads and denial of service conditions. As a temporary workaround, consider restricting wireless client access to minimize the risk of exploitation.