CVE-2018-0249

CWE-20Improper Input Validation4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 64.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Aironet Access Point Software
Timeline
PublishedMay 2
Latest updateMay 13

Description

A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. A successful exploit could prevent new clients from joining the AP. The vulnerability is due to incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this vulnerability by

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5cisco_aironet_1800_series_access_pointCisco Aironet 1800 Series Access Point

🔴Vulnerability Details

2
GHSA
GHSA-wwhv-grrm-9cfg: A vulnerability when handling incoming 8022022-05-13
CVEList
CVE-2018-0249: A vulnerability when handling incoming 8022018-05-02

📋Vendor Advisories

1
Cisco
Cisco Aironet 1800 Series Access Point 802.11 Denial of Service Vulnerability2018-05-02
CVE-2018-0249 (MEDIUM CVSS 4.3) | A vulnerability when handling incom | cvebase.io