Published: 15/08/2018 Updated: 09/10/2019

CVSS v2 Base Score: 5.5 | Impact Score: 6.9 | Exploitability Score: 5.1

CVSS v3 Base Score: 6.8 | Impact Score: 4 | Exploitability Score: 2.3

VMScore: 490

Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C

A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an authenticated, adjacent malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of certain EAPOL frames. An attacker could exploit this vulnerability by sending a stream of crafted EAPOL frames to an affected device. A successful exploit could allow the malicious user to force the access point (AP) to disassociate all the associated stations (STAs) and to disallow future, new association requests. Cisco Bug IDs: CSCvj97472.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco wap121_firmware
cisco wap125_firmware
cisco wap131_firmware
cisco wap150_firmware
cisco wap321_firmware
cisco wap351_firmware
cisco wap361_firmware
cisco wap371_firmware

A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device The vulner ...

CWE-388 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-csb-wap-dos http://www.securityfocus.com/bid/105116 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-csb-wap-dos

CVE-2018-0415

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect