Details of VAR-201810-0318

ID

VAR-201810-0318

CVE

CVE-2018-0443

TITLE

Cisco Wireless LAN Controller Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013822

DESCRIPTION

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper input validation on fields within CAPWAP Discovery Request packets by the affected device. An attacker could exploit this vulnerability by sending malicious CAPWAP Discovery Request packets to the Cisco WLC Software. A successful exploit could allow the attacker to cause the Cisco WLC Software to disconnect associated access points (APs). While the APs disconnect and reconnect, service will be unavailable for a brief period of time, resulting in a DoS condition. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCvf66696. A security vulnerability exists in the CAPWAP protocol component in Cisco WLC Software

Trust: 1.98

sources: NVD: CVE-2018-0443 // JVNDB: JVNDB-2018-013822 // BID: 105686 // VULHUB: VHN-118645

AFFECTED PRODUCTS

vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.2\(151.0\)	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.7	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.6	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.5	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.4	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.3	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.2	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.1	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cisco	model:	series wireless controllers	scope:	eq	version:	55008.2(151.0)	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.6.101	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.5.110	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.3.143	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.3.140	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.7.106.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.7.102.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.5.135.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller software	scope:	ne	version:	8.2.170.0	Trust: 0.3
vendor:	cisco	model:	series wireless controllers	scope:	ne	version:	55008.2(167.8)	Trust: 0.3

sources: BID: 105686 // JVNDB: JVNDB-2018-013822 // NVD: CVE-2018-0443

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0443
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2018-0443
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0443
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201810-982
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118645
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0443
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-118645
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0443
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2018-0443
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.0
NVD:	CVE-2018-0443
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-118645 // JVNDB: JVNDB-2018-013822 // CNNVD: CNNVD-201810-982 // NVD: CVE-2018-0443 // NVD: CVE-2018-0443

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	CWE-20	Trust: 1.1

sources: VULHUB: VHN-118645 // JVNDB: JVNDB-2018-013822 // NVD: CVE-2018-0443

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-982

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201810-982

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013822

PATCH

title:	cisco-sa-20181017-wlc-capwap-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-wlc-capwap-dos	Trust: 0.8
title:	Cisco Wireless LAN Controller Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86053	Trust: 0.6

sources: JVNDB: JVNDB-2018-013822 // CNNVD: CNNVD-201810-982

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0443	Trust: 2.8
db:	BID	id:	105686	Trust: 2.0
db:	SECTRACK	id:	1041922	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-013822	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-982	Trust: 0.7
db:	VULHUB	id:	VHN-118645	Trust: 0.1

sources: VULHUB: VHN-118645 // BID: 105686 // JVNDB: JVNDB-2018-013822 // CNNVD: CNNVD-201810-982 // NVD: CVE-2018-0443

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181017-wlc-capwap-dos	Trust: 2.0
url:	http://www.securityfocus.com/bid/105686	Trust: 1.7
url:	http://www.securitytracker.com/id/1041922	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0443	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0443	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-118645 // BID: 105686 // JVNDB: JVNDB-2018-013822 // CNNVD: CNNVD-201810-982 // NVD: CVE-2018-0443

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 105686

SOURCES

db:	VULHUB	id:	VHN-118645
db:	BID	id:	105686
db:	JVNDB	id:	JVNDB-2018-013822
db:	CNNVD	id:	CNNVD-201810-982
db:	NVD	id:	CVE-2018-0443

LAST UPDATE DATE

2024-11-23T22:17:17.670000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-118645	date:	2020-08-28T00:00:00
db:	BID	id:	105686	date:	2018-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-013822	date:	2019-03-04T00:00:00
db:	CNNVD	id:	CNNVD-201810-982	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0443	date:	2024-11-21T03:38:14.483

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-118645	date:	2018-10-17T00:00:00
db:	BID	id:	105686	date:	2018-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-013822	date:	2019-03-04T00:00:00
db:	CNNVD	id:	CNNVD-201810-982	date:	2018-10-18T00:00:00
db:	NVD	id:	CVE-2018-0443	date:	2018-10-17T22:29:00.723