Details of VAR-201810-0292

ID

VAR-201810-0292

CVE

CVE-2018-0381

TITLE

Cisco Aironet Series Access Points Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013823

DESCRIPTION

A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts. CiscoAironet1560SeriesAccessPoint and so on are all wireless access point devices of Cisco. MobilityExpress (ME) Software is a set of management control software running in it. There are security vulnerabilities in MESoftware in several Cisco products. An attacker with a physical location nearby can exploit the vulnerability to cause a denial of service. Attackers can exploit this issue to reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCvh21953

Trust: 2.52

sources: NVD: CVE-2018-0381 // JVNDB: JVNDB-2018-013823 // CNVD: CNVD-2019-01902 // BID: 105685 // VULHUB: VHN-118583

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-01902

AFFECTED PRODUCTS

vendor:	cisco	model:	aironet access points	scope:	eq	version:	8.7\(1.99\)	Trust: 1.0
vendor:	cisco	model:	aironet access points	scope:	eq	version:	8.7\(1.96\)	Trust: 1.0
vendor:	cisco	model:	aironet access points	scope:	eq	version:	8.2\(167.3\)	Trust: 1.0
vendor:	cisco	model:	aironet access points	scope:	eq	version:	8.2\(166.0\)	Trust: 1.0
vendor:	cisco	model:	aironet access points	scope:	eq	version:	8.5\(120.0\)	Trust: 1.0
vendor:	cisco	model:	aironet access points	scope:	eq	version:	8.3\(141.10\)	Trust: 1.0
vendor:	cisco	model:	aironet access points	scope:	eq	version:	8.3\(133.0\)	Trust: 1.0
vendor:	cisco	model:	aironet access points	scope:	eq	version:	8.7\(1.107\)	Trust: 1.0
vendor:	cisco	model:	aironet series access points	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	aironet series access point	scope:	eq	version:	3800	Trust: 0.6
vendor:	cisco	model:	aironet series access point	scope:	eq	version:	2800	Trust: 0.6
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	1800	Trust: 0.6
vendor:	cisco	model:	aironet series access point	scope:	eq	version:	1560	Trust: 0.6
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	38000	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	28000	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	18000	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	15600	Trust: 0.3

sources: CNVD: CNVD-2019-01902 // BID: 105685 // JVNDB: JVNDB-2018-013823 // NVD: CVE-2018-0381

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0381
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2018-0381
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-0381
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2019-01902
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201810-987
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-118583
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0381
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:A/AC:L/AU:S/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.1
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-01902
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:A/AC:H/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.2
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118583
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:A/AC:L/AU:S/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.1
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0381
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.3
impactScore:	4.0
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2018-0381
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.3
impactScore:	4.0
version:	3.0
Trust: 1.0
NVD:	CVE-2018-0381
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2019-01902 // VULHUB: VHN-118583 // JVNDB: JVNDB-2018-013823 // CNNVD: CNNVD-201810-987 // NVD: CVE-2018-0381 // NVD: CVE-2018-0381

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.9
problemtype:	CWE-667	Trust: 1.1

sources: VULHUB: VHN-118583 // JVNDB: JVNDB-2018-013823 // NVD: CVE-2018-0381

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201810-987

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201810-987

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013823

PATCH

title:	cisco-sa-20181017-aironet-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos	Trust: 0.8
title:	Patches for various Cisco products MobilityExpressSoftware denial of service vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/150573	Trust: 0.6
title:	Multiple Cisco product Mobility Express Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86058	Trust: 0.6

sources: CNVD: CNVD-2019-01902 // JVNDB: JVNDB-2018-013823 // CNNVD: CNNVD-201810-987

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0381	Trust: 3.4
db:	BID	id:	105685	Trust: 2.6
db:	SECTRACK	id:	1041929	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-013823	Trust: 0.8
db:	CNVD	id:	CNVD-2019-01902	Trust: 0.6
db:	CNNVD	id:	CNNVD-201810-987	Trust: 0.6
db:	VULHUB	id:	VHN-118583	Trust: 0.1

sources: CNVD: CNVD-2019-01902 // VULHUB: VHN-118583 // BID: 105685 // JVNDB: JVNDB-2018-013823 // CNNVD: CNNVD-201810-987 // NVD: CVE-2018-0381

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181017-aironet-dos	Trust: 2.0
url:	http://www.securityfocus.com/bid/105685	Trust: 1.7
url:	http://www.securitytracker.com/id/1041929	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0381	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0381	Trust: 0.8
url:	https://bst.cloudapps.cisco.com/bugsearch/bug/cscvh21953	Trust: 0.6
url:	http://www.cisco.com/cisco/web/solutions/small_business/products/wireless/aironet_series_access_points/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2019-01902 // VULHUB: VHN-118583 // BID: 105685 // JVNDB: JVNDB-2018-013823 // CNNVD: CNNVD-201810-987 // NVD: CVE-2018-0381

CREDITS

Cisco.

Trust: 0.3

sources: BID: 105685

SOURCES

db:	CNVD	id:	CNVD-2019-01902
db:	VULHUB	id:	VHN-118583
db:	BID	id:	105685
db:	JVNDB	id:	JVNDB-2018-013823
db:	CNNVD	id:	CNNVD-201810-987
db:	NVD	id:	CVE-2018-0381

LAST UPDATE DATE

2024-11-23T22:55:43.528000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-01902	date:	2019-01-18T00:00:00
db:	VULHUB	id:	VHN-118583	date:	2020-08-28T00:00:00
db:	BID	id:	105685	date:	2018-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-013823	date:	2019-03-04T00:00:00
db:	CNNVD	id:	CNNVD-201810-987	date:	2020-10-22T00:00:00
db:	NVD	id:	CVE-2018-0381	date:	2024-11-21T03:38:06.543

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-01902	date:	2019-01-18T00:00:00
db:	VULHUB	id:	VHN-118583	date:	2018-10-17T00:00:00
db:	BID	id:	105685	date:	2018-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-013823	date:	2019-03-04T00:00:00
db:	CNNVD	id:	CNNVD-201810-987	date:	2018-10-18T00:00:00
db:	NVD	id:	CVE-2018-0381	date:	2018-10-17T22:29:00.253