Sign-up

ID

VAR-201810-0580


CVE

CVE-2018-15395


TITLE

Cisco Wireless LAN Controller Software access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-014563

DESCRIPTION

A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. Under normal circumstances, this access should be prohibited. The vulnerability is due to the dynamic assignment of Security Group Tags (SGTs) during a wireless roam from one Service Set Identifier (SSID) to another within the Cisco TrustSec domain. An attacker could exploit this vulnerability by attempting to acquire an SGT from other SSIDs within the domain. Successful exploitation could allow the attacker to gain privileged network access that should be prohibited under normal circumstances. The product provides security policy, intrusion detection and other functions in the wireless LAN. This issue is tracked by Cisco Bug ID CSCvi49059

Trust: 2.52

sources: NVD: CVE-2018-15395 // JVNDB: JVNDB-2018-014563 // CNVD: CNVD-2018-21197 // BID: 105676 // VULHUB: VHN-125650

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-21197

AFFECTED PRODUCTS

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:8.5\(120.0\)

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:wireless lan controllerscope: - version: -

Trust: 0.6

vendor:ciscomodel:wireless lan controller softwarescope:eqversion: -

Trust: 0.3

vendor:ciscomodel:series wireless controllersscope:eqversion:55008.5(120.0)

Trust: 0.3

vendor:ciscomodel:series wireless controllersscope:neversion:55008.5(130.0)

Trust: 0.3

vendor:ciscomodel:series wireless controllersscope:neversion:55008.5(124.33)

Trust: 0.3

vendor:ciscomodel:series wireless controllersscope:neversion:55008.5(120.7)

Trust: 0.3

vendor:ciscomodel:series wireless controllersscope:neversion:55008.5(120.6)

Trust: 0.3

sources: CNVD: CNVD-2018-21197 // BID: 105676 // JVNDB: JVNDB-2018-014563 // NVD: CVE-2018-15395

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15395
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2018-15395
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-15395
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-21197
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201810-993
value: MEDIUM

Trust: 0.6

VULHUB: VHN-125650
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-15395
severity: LOW
baseScore: 2.7
vectorString: AV:A/AC:L/AU:S/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 5.1
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-21197
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-125650
severity: LOW
baseScore: 2.7
vectorString: AV:A/AC:L/AU:S/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 5.1
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15395
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.3
impactScore: 2.7
version: 3.0

Trust: 2.8

sources: CNVD: CNVD-2018-21197 // VULHUB: VHN-125650 // JVNDB: JVNDB-2018-014563 // CNNVD: CNNVD-201810-993 // NVD: CVE-2018-15395 // NVD: CVE-2018-15395

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-125650 // JVNDB: JVNDB-2018-014563 // NVD: CVE-2018-15395

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201810-993

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201810-993

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-014563

PATCH
title:cisco-sa-20181017-wlan-escalationurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-wlan-escalation
Trust: 0.8
title:Cisco Wireless LAN Controller Software Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86064
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-014563 // 
            
            
            
            CNNVD: CNNVD-201810-993

EXTERNAL IDS
db:NVDid:CVE-2018-15395
Trust: 3.4
db:BIDid:105676
Trust: 2.0
db:SECTRACKid:1041925
Trust: 1.7
db:JVNDBid:JVNDB-2018-014563
Trust: 0.8
db:CNNVDid:CNNVD-201810-993
Trust: 0.7
db:CNVDid:CNVD-2018-21197
Trust: 0.6
db:VULHUBid:VHN-125650
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-21197 // 
            
            
            
            VULHUB: VHN-125650 // 
            
            
            
            BID: 105676 // 
            
            
            
            JVNDB: JVNDB-2018-014563 // 
            
            
            
            CNNVD: CNNVD-201810-993 // 
            
            
            
            NVD: CVE-2018-15395

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181017-wlan-escalation
Trust: 2.6
url:http://www.securityfocus.com/bid/105676
Trust: 2.3
url:http://www.securitytracker.com/id/1041925
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15395
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-15395
Trust: 0.8
url:http://www.cisco.com
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2018-21197 // 
            
            
            
            VULHUB: VHN-125650 // 
            
            
            
            BID: 105676 // 
            
            
            
            JVNDB: JVNDB-2018-014563 // 
            
            
            
            CNNVD: CNNVD-201810-993 // 
            
            
            
            NVD: CVE-2018-15395

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 105676

SOURCES
db:CNVDid:CNVD-2018-21197
db:VULHUBid:VHN-125650
db:BIDid:105676
db:JVNDBid:JVNDB-2018-014563
db:CNNVDid:CNNVD-201810-993
db:NVDid:CVE-2018-15395

LAST UPDATE DATE
2024-11-23T23:12:02.398000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-21197date:2018-10-18T00:00:00
db:VULHUBid:VHN-125650date:2019-10-09T00:00:00
db:BIDid:105676date:2018-10-17T00:00:00
db:JVNDBid:JVNDB-2018-014563date:2019-03-27T00:00:00
db:CNNVDid:CNNVD-201810-993date:2019-10-17T00:00:00
db:NVDid:CVE-2018-15395date:2024-11-21T03:50:41.773

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-21197date:2018-10-18T00:00:00
db:VULHUBid:VHN-125650date:2018-10-17T00:00:00
db:BIDid:105676date:2018-10-17T00:00:00
db:JVNDBid:JVNDB-2018-014563date:2019-03-27T00:00:00
db:CNNVDid:CNNVD-201810-993date:2018-10-18T00:00:00
db:NVDid:CVE-2018-15395date:2018-10-17T20:29:00.363