SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco Aironet Vendors:   Cisco
Cisco Aironet 1560, 1800, 2800, and 3800 Traffic Dequeue Bug Lets Remote Authenticated Users Deny Service
SecurityTracker Alert ID:  1041929
SecurityTracker URL:  http://securitytracker.com/id/1041929
CVE Reference:   CVE-2018-0381   (Links to External Site)
Date:  Oct 19 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1560, 1800, 2800, and 3800 Series
Description:   A vulnerability was reported in Cisco Aironet. A remote authenticated user can cause denial of service conditions on the target system.

A remote authenticated user on the local network can send specially crafted data to cause the target device to reload when it attempts to dequeue aggregated traffic destined for another device. A remote user that can successfully transition between multiple SSIDs on the same access point while replicating the required traffic patterns can trigger this deadlock.

The 1560, 1800, 2800, and 3800 Series devices are affected.

The vendor has assigned bug ID CSCvh21953 to this vulnerability.

The vendor detected this vulnerability via a TAC case.

Impact:   A remote authenticated user can cause temporary denial of service conditions on the target system.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-aironet-dos (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC