Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2018-0441

CVE information

Published

4 years ago

Last Modified

3 years ago

CVSSv2.0 Severity

Medium

CVSSv3.1 Severity

High

Impact Analysis

Description

A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a corruption of certain timer mechanisms triggered by specific roaming events. This corruption will eventually cause a timer crash. An attacker could exploit this vulnerability by sending malicious reassociation events multiple times to the same AP in a short period of time, causing a DoS condition on the affected AP..

CVSSv2.0 Score

Severity
Medium
Base Score
6.1/10
Exploit Score
6.5/10
Access Vector
Adjacent_network
Access Complexity
Low
Authentication Required
None
Impact Score
6.9/10
Confidentiality Impact
None
Availability Impact
Complete
Integrity Impact
None

CVSSv3.1 Score

Severity
High
Base Score
7.4/10
Exploit Score
2.8/10
Access Vector
Adjacent_network
Access Complexity
Low
Privileges Required
None
Impact Score
4/10
Confidentiality Impact
None
Availability Impact
High
Integrity Impact
None
Scope
Changed
User Interaction
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:o:cisco:access_points:15.3\(3\)jd:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:cisco:access_points:8.0\(140.0\):*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:cisco:access_points:8.2\(141.0\):*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:cisco:access_points:8.2\(151.0\):*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:cisco:access_points:8.3\(102.0\):*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:cisco:access_points:8.3\(112.0\):*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:cisco:access_points:8.3\(114.74\):*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*
  Yes
- 8.3.140.0
cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*
  Yes
8.4 8.5.110.0