PT-2018-8699 · Cisco · Cisco Aironet 1560 Series Access Points+8
Published
2018-05-02
·
Updated
2020-10-22
·
CVE-2018-0249
CVSS v3.1
4.3
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions:
Cisco Aironet 1560 Series Access Points
Cisco Aironet 1800 Series Access Points
Cisco Aironet 1810 Series OfficeExtend Access Points
Cisco Aironet 1810w Series Access Points
Cisco Aironet 1815 Series Access Points
Cisco Aironet 1830 Series Access Points
Cisco Aironet 1850 Series Access Points
Cisco Aironet 2800 Series Access Points
Cisco Aironet 3800 Series Access Points (affected versions not specified)
Description:
A vulnerability exists when handling incoming 802.11 Association Requests, which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. The issue arises from incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this by sending a malformed stream of 802.11 Association Requests to the local interface of the targeted device, potentially preventing new clients from joining the AP.
Recommendations:
For all affected Cisco Aironet Series Access Points, apply the fix for Cisco Bug ID: CSCvg02116 to resolve the issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Aironet 1560 Series Access Points
Cisco Aironet 1800 Series Access Points
Cisco Aironet 1810 Series Officeextend Access Points
Cisco Aironet 1810W Series Access Points
Cisco Aironet 1815 Series Access Points
Cisco Aironet 1830 Series Access Points
Cisco Aironet 1850 Series Access Points
Cisco Aironet 2800 Series Access Points
Cisco Aironet 3800 Series Access Points