Vulnerability Details : CVE-2018-0442
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. The vulnerability is due to insufficient condition checks in the part of the code that handles CAPWAP keepalive requests. An attacker could exploit this vulnerability by sending a crafted CAPWAP keepalive packet to a vulnerable Cisco WLC device. A successful exploit could allow the attacker to retrieve the contents of device memory, which could lead to the disclosure of confidential information.
Vulnerability category: Information leak
Products affected by CVE-2018-0442
- cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-0442
0.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 48 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-0442
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
Cisco Systems, Inc. | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2018-0442
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: ykramarz@cisco.com (Secondary)
References for CVE-2018-0442
-
http://www.securitytracker.com/id/1041923
Cisco Wireless LAN Controller CAPWAP Keepalive Request Processing Flaw Lets Remote Users Obtain Potentially Sensitive Information on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-wlc-capwap-memory-leak
Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure VulnerabilityVendor Advisory
-
http://www.securityfocus.com/bid/105664
Cisco Wireless LAN Controller Software CVE-2018-0442 Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
Jump to