Informazioni sul CVE-2018-0381
Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability
CWE ID: CWE-400
Base Score (CVSS): N/A
CVE: CVE-2018-0381
Descrizione: A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts.
Vettore di attacco
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Riassunto: .
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|
Riferimenti esterni
- http://www.securitytracker.com/id/1041929
- http://www.securityfocus.com/bid/105685
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos
Prodotti interessati
- Cisco – Cisco Aironet Access Points
Relazioni con altri prodotti
Produttore:Cisco
Prodotto: Cisco Aironet Access Points
Anno: 2018
CWE: CWE-400
CVSS: 0.0