SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |   



Category:   Device (Router/Bridge/Hub)  >   Cisco Aironet Vendors:   Cisco
Cisco Aironet 1560, 1800, 2800, and 3800 Traffic Dequeue Bug Lets Remote Authenticated Users Deny Service
SecurityTracker Alert ID:  1041929
SecurityTracker URL:  https://securitytracker.com/id/1041929
CVE Reference:   CVE-2018-0381   (Links to External Site)
Date:  Oct 19 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1560, 1800, 2800, and 3800 Series
Description:   A vulnerability was reported in Cisco Aironet. A remote authenticated user can cause denial of service conditions on the target system.

A remote authenticated user on the local network can send specially crafted data to cause the target device to reload when it attempts to dequeue aggregated traffic destined for another device. A remote user that can successfully transition between multiple SSIDs on the same access point while replicating the required traffic patterns can trigger this deadlock.

The 1560, 1800, 2800, and 3800 Series devices are affected.

The vendor has assigned bug ID CSCvh21953 to this vulnerability.

The vendor detected this vulnerability via a TAC case.

Impact:   A remote authenticated user can cause temporary denial of service conditions on the target system.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search


Content previously copyright SecurityGlobal.net LLC placed in the public domain on December 31, 2019.