ID

VAR-201805-0507


CVE

CVE-2018-0235


TITLE

Cisco Wireless LAN Controller Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004907

DESCRIPTION

A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of certain 802.11 management information element frames that an affected device receives from wireless clients. An attacker could exploit this vulnerability by sending a malformed 802.11 management frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects only Cisco Wireless LAN Controllers that are running Cisco Mobility Express Release 8.5.103.0. Cisco Bug IDs: CSCvg07024. The vendor has confirmed this vulnerability and released it as Bug ID CSCvg07024. The device may be put into a service interruption (DoS) state. The product provides security policy, intrusion detection and other functions in the wireless LAN. An input validation vulnerability exists in the 802.11 frame validation feature of Cisco WLC because the program fails to perform complete input validation.

Trust: 2.52

sources: NVD: CVE-2018-0235 // JVNDB: JVNDB-2018-004907 // CNVD: CNVD-2018-10307 // BID: 104080 // VULHUB: VHN-118437

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-10307

AFFECTED PRODUCTS

vendor: cisco, model: wireless lan controller software, scope: eq, version: 8.6(1.106)

Trust: 1.6

vendor: cisco, model: wireless lan controller software, scope: eq, version: 8.6(1.114)

Trust: 1.6

vendor: cisco, model: wireless lan controller software, scope: eq, version: 8.5.103.0

Trust: 1.1

vendor: cisco, model: wireless lan controller, scope: -, version: -

Trust: 0.6

vendor: cisco, model: wireless lan controller software, scope: eq, version: 8.5

Trust: 0.3

vendor: cisco, model: wireless lan controller software, scope: ne, version: 8.5.105.0

Trust: 0.3

sources: CNVD: CNVD-2018-10307 // BID: 104080 // JVNDB: JVNDB-2018-004907 // CNNVD: CNNVD-201805-089 // NVD: CVE-2018-0235

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0235
value: HIGH

Trust: 1.0

NVD: CVE-2018-0235
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-10307
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201805-089
value: HIGH

Trust: 0.6

VULHUB: VHN-118437
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0235
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-10307
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118437
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0235
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2018-0235
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-10307 // VULHUB: VHN-118437 // JVNDB: JVNDB-2018-004907 // CNNVD: CNNVD-201805-089 // NVD: CVE-2018-0235

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:NVD-CWE-Other

Trust: 1.0

sources: VULHUB: VHN-118437 // JVNDB: JVNDB-2018-004907 // NVD: CVE-2018-0235

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201805-089

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201805-089

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004907

PATCH

title: cisco-sa-20180502-wlc-mfdos, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-mfdos

Trust: 0.8

title: Patch for Cisco Wireless LAN Controller 802.11 Management Frame Denial of Service Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/130221

Trust: 0.6

title: Fix for the Cisco Wireless LAN Controller input validation vulnerability, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79825

Trust: 0.6

sources: CNVD: CNVD-2018-10307 // JVNDB: JVNDB-2018-004907 // CNNVD: CNNVD-201805-089

EXTERNAL IDS

db: NVD, id: CVE-2018-0235

Trust: 3.4

db: BID, id: 104080

Trust: 2.6

db: JVNDB, id: JVNDB-2018-004907

Trust: 0.8

db: CNNVD, id: CNNVD-201805-089

Trust: 0.7

db: CNVD, id: CNVD-2018-10307

Trust: 0.6

db: VULHUB, id: VHN-118437

Trust: 0.1

sources: CNVD: CNVD-2018-10307 // VULHUB: VHN-118437 // BID: 104080 // JVNDB: JVNDB-2018-004907 // CNNVD: CNNVD-201805-089 // NVD: CVE-2018-0235

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180502-wlc-mfdos

Trust: 2.6

url:http://www.securityfocus.com/bid/104080

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0235

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0235

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

sources: CNVD: CNVD-2018-10307 // VULHUB: VHN-118437 // BID: 104080 // JVNDB: JVNDB-2018-004907 // CNNVD: CNNVD-201805-089 // NVD: CVE-2018-0235

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104080

SOURCES

db: CNVD, id: CNVD-2018-10307
db: VULHUB, id: VHN-118437
db: BID, id: 104080
db: JVNDB, id: JVNDB-2018-004907
db: CNNVD, id: CNNVD-201805-089
db: NVD, id: CVE-2018-0235

LAST UPDATE DATE

2024-11-23T22:22:05.523000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2018-10307, date: 2018-05-25T00:00:00
db: VULHUB, id: VHN-118437, date: 2020-10-22T00:00:00
db: BID, id: 104080, date: 2018-05-02T00:00:00
db: JVNDB, id: JVNDB-2018-004907, date: 2018-06-29T00:00:00
db: CNNVD, id: CNNVD-201805-089, date: 2020-10-23T00:00:00
db: NVD, id: CVE-2018-0235, date: 2024-11-21T03:37:47.350

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2018-10307, date: 2018-05-25T00:00:00
db: VULHUB, id: VHN-118437, date: 2018-05-02T00:00:00
db: BID, id: 104080, date: 2018-05-02T00:00:00
db: JVNDB, id: JVNDB-2018-004907, date: 2018-06-29T00:00:00
db: CNNVD, id: CNNVD-201805-089, date: 2018-05-02T00:00:00
db: NVD, id: CVE-2018-0235, date: 2018-05-02T22:29:00.387