Vulnslist

find the latest Cisco vulnerabilities

Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure Vulnerability

cisco-sa-20181017-wlc-capwap-memory-leak · High · Published · Updated

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information.   The vulnerability is due to insufficient condition checks in the part of the code that handles CAPWAP keepalive requests. An attacker could exploit this vulnerability by sending a crafted CAPWAP keepalive packet to a vulnerable Cisco WLC device. A successful exploit could allow the attacker to retrieve the contents of device memory, which could lead to the disclosure of confidential information. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-wlc-capwap-memory-leak

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2018-0442
Cisco Bug IDsCSCvf66680
CVSS ScoreBase 7.5
Base 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Wireless LAN Controller (WLC) Base, Cisco Wireless LAN Controller (WLC) 7.0.98.0, Cisco Wireless LAN Controller (WLC) 7.0.116.0, Cisco Wireless LAN Controller (WLC) 7.0.98.218, Cisco Wireless LAN Controller (WLC) 7.0.220.0, Cisco Wireless LAN Controller (WLC) 7.0.240.0, Cisco Wireless LAN Controller (WLC) 7.0.250.0, Cisco Wireless LAN Controller (WLC) 7.0.252.0, Cisco Wireless LAN Controller (WLC) 7.0.230.0, Cisco Wireless LAN Controller (WLC) 7.0.235.0, Cisco Wireless LAN Controller (WLC) 7.0.235.3, Cisco Wireless LAN Controller (WLC) 7.0.251.2, Cisco Wireless LAN Controller (WLC) 7.1.91.0, Cisco Wireless LAN Controller (WLC) 7.2.103.0, Cisco Wireless LAN Controller (WLC) 7.2.110.0, Cisco Wireless LAN Controller (WLC) 7.2.111.3, Cisco Wireless LAN Controller (WLC) 7.2.115.2, Cisco Wireless LAN Controller (WLC) 7.4.100.0, Cisco Wireless LAN Controller (WLC) 7.4.100.60, Cisco Wireless LAN Controller (WLC) 7.4.110.0, Cisco Wireless LAN Controller (WLC) 7.4.121.0, Cisco Wireless LAN Controller (WLC) 7.4.140.0, Cisco Wireless LAN Controller (WLC) 7.4.130.0, Cisco Wireless LAN Controller (WLC) 7.4.150.0, Cisco Wireless LAN Controller (WLC) 7.3.101.0, Cisco Wireless LAN Controller (WLC) 7.3.112.0, Cisco Wireless LAN Controller (WLC) 7.3.103.8, Cisco Wireless LAN Controller (WLC) 7.5.102.0, Cisco Wireless LAN Controller (WLC) 7.5.102.11, Cisco Wireless LAN Controller (WLC) 7.6.100.0, Cisco Wireless LAN Controller (WLC) 7.6.120.0, Cisco Wireless LAN Controller (WLC) 7.6.110.0, Cisco Wireless LAN Controller (WLC) 7.6.130.0, Cisco Wireless LAN Controller (WLC) 7.6.1.62, Cisco Wireless LAN Controller (WLC) 8.0.100.0, Cisco Wireless LAN Controller (WLC) 8.0.115.0, Cisco Wireless LAN Controller (WLC) 8.0.120.0, Cisco Wireless LAN Controller (WLC) 8.0.121.0, Cisco Wireless LAN Controller (WLC) 8.0.135.0, Cisco Wireless LAN Controller (WLC) 8.0.133.0, Cisco Wireless LAN Controller (WLC) 8.0.132.0, Cisco Wireless LAN Controller (WLC) 8.0.110.0, Cisco Wireless LAN Controller (WLC) 8.0.150.0, Cisco Wireless LAN Controller (WLC) 8.0.140.0, Cisco Wireless LAN Controller (WLC) 8.0.152.0, Cisco Wireless LAN Controller (WLC) 8.1.111.0, Cisco Wireless LAN Controller (WLC) 8.1.131.0, Cisco Wireless LAN Controller (WLC) 8.1.122.0, Cisco Wireless LAN Controller (WLC) 8.1.130.0, Cisco Wireless LAN Controller (WLC) 8.1.102.0, Cisco Wireless LAN Controller (WLC) 8.1.132.0, Cisco Wireless LAN Controller (WLC) 8.3.102.0, Cisco Wireless LAN Controller (WLC) 8.3.102.15, Cisco Wireless LAN Controller (WLC) 8.3.111.0, Cisco Wireless LAN Controller (WLC) 8.3.112.0, Cisco Wireless LAN Controller (WLC) 8.3.121.0, Cisco Wireless LAN Controller (WLC) 8.3.122.0, Cisco Wireless LAN Controller (WLC) 8.3.130.0, Cisco Wireless LAN Controller (WLC) 8.3.131.0, Cisco Wireless LAN Controller (WLC) 8.3.132.0, Cisco Wireless LAN Controller (WLC) 8.3.133.0, Cisco Wireless LAN Controller (WLC) 8.2.121.0, Cisco Wireless LAN Controller (WLC) 8.2.130.0, Cisco Wireless LAN Controller (WLC) 8.2.100.0, Cisco Wireless LAN Controller (WLC) 8.2.110.0, Cisco Wireless LAN Controller (WLC) 8.2.111.0, Cisco Wireless LAN Controller (WLC) 8.2.141.0, Cisco Wireless LAN Controller (WLC) 8.2.151.0, Cisco Wireless LAN Controller (WLC) 8.2.160.0, Cisco Wireless LAN Controller (WLC) 8.2.161.0, Cisco Wireless LAN Controller (WLC) 8.2.164.0, Cisco Wireless LAN Controller (WLC) 8.2.166.0, Cisco Wireless LAN Controller (WLC) 8.5.103.0, Cisco Wireless LAN Controller (WLC) 8.5.105.0, Cisco Wireless LAN Controller (WLC) 8.4.100.0, Cisco Wireless LAN Controller (WLC)

Related Products

Product CVE Evidence
Cisco Nexus Dashboard CVE-2018-0442 Cisco OpenVuln
Cisco Catalyst PON Series Switches CVE-2018-0442 Cisco OpenVuln
Cisco Wireless LAN Controller (WLC) CVE-2018-0442 Cisco OpenVuln