var-201808-0300
Vulnerability from variot
A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of certain EAPOL frames. An attacker could exploit this vulnerability by sending a stream of crafted EAPOL frames to an affected device. A successful exploit could allow the attacker to force the access point (AP) to disassociate all the associated stations (STAs) and to disallow future, new association requests. Cisco Bug IDs: CSCvj97472. Vendors have confirmed this vulnerability Bug ID CSCvj97472 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. A denial of service vulnerability exists in the implementation of the ExtensibleAuthenticationProtocoloverLAN (EAPOL) feature in CiscoSmallBusiness100SeriesWirelessAccessPoints and SmallBusiness300SeriesWirelessAccessPoints, which stems from a program not properly processing EAPOL frames. Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0300",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wap121",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap131",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap150",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap361",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap125",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap321",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap371",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap351",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap121",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap125",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap131",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap150",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap321",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap351",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap361",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap371",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "100"
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300"
},
{
"model": "wap125",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap121",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap131",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap361",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap150",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap371",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap351",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "wap321",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.6.6"
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"db": "BID",
"id": "105116"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-459"
},
{
"db": "NVD",
"id": "CVE-2018-0415"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:wap121_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wap125_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wap131_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wap150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wap321_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wap351_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wap361_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wap371_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "105116"
}
],
"trust": 0.3
},
"cve": "CVE-2018-0415",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "CVE-2018-0415",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-16178",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "VHN-118617",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.3,
"id": "CVE-2018-0415",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-0415",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-0415",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-16178",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-459",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-118617",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"db": "VULHUB",
"id": "VHN-118617"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-459"
},
{
"db": "NVD",
"id": "CVE-2018-0415"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of certain EAPOL frames. An attacker could exploit this vulnerability by sending a stream of crafted EAPOL frames to an affected device. A successful exploit could allow the attacker to force the access point (AP) to disassociate all the associated stations (STAs) and to disallow future, new association requests. Cisco Bug IDs: CSCvj97472. Vendors have confirmed this vulnerability Bug ID CSCvj97472 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. A denial of service vulnerability exists in the implementation of the ExtensibleAuthenticationProtocoloverLAN (EAPOL) feature in CiscoSmallBusiness100SeriesWirelessAccessPoints and SmallBusiness300SeriesWirelessAccessPoints, which stems from a program not properly processing EAPOL frames. Multiple Cisco Products are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0415"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"db": "BID",
"id": "105116"
},
{
"db": "VULHUB",
"id": "VHN-118617"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-0415",
"trust": 3.4
},
{
"db": "BID",
"id": "105116",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-459",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-16178",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-118617",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"db": "VULHUB",
"id": "VHN-118617"
},
{
"db": "BID",
"id": "105116"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-459"
},
{
"db": "NVD",
"id": "CVE-2018-0415"
}
]
},
"id": "VAR-201808-0300",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"db": "VULHUB",
"id": "VHN-118617"
}
],
"trust": 0.9053571499999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-16178"
}
]
},
"last_update_date": "2024-11-23T22:48:35.859000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20180815-csb-wap-dos",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-csb-wap-dos"
},
{
"title": "Patch for CiscoSmallBusiness100SeriesWirelessAccessPoints and SmallBusiness300SeriesWirelessAccessPoints Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/138281"
},
{
"title": "Cisco Small Business 100 Series Wireless Access Points and Small Business 300 Series Wireless Access Points Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83759"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-459"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-388",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118617"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"db": "NVD",
"id": "CVE-2018-0415"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180815-csb-wap-dos"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105116"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0415"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0415"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"db": "VULHUB",
"id": "VHN-118617"
},
{
"db": "BID",
"id": "105116"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-459"
},
{
"db": "NVD",
"id": "CVE-2018-0415"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"db": "VULHUB",
"id": "VHN-118617"
},
{
"db": "BID",
"id": "105116"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-459"
},
{
"db": "NVD",
"id": "CVE-2018-0415"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"date": "2018-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-118617"
},
{
"date": "2018-08-15T00:00:00",
"db": "BID",
"id": "105116"
},
{
"date": "2018-11-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"date": "2018-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-459"
},
{
"date": "2018-08-15T20:29:00.893000",
"db": "NVD",
"id": "CVE-2018-0415"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-16178"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-118617"
},
{
"date": "2018-08-15T00:00:00",
"db": "BID",
"id": "105116"
},
{
"date": "2018-11-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009157"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-459"
},
{
"date": "2024-11-21T03:38:10.883000",
"db": "NVD",
"id": "CVE-2018-0415"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-459"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business 100 Series and Small Business 300 Series wireless access point error handling vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009157"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-459"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.