SB2018081616 - Multiple vulnerabilities in Cisco Small Business 100 Series and 300 Series Wireless Access Points
Published: August 16, 2018
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2018-0415)
The vulnerability allows an adjacent authenticated attacker to cause DoS condition on the target system.
The vulnerability exists in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality due to improper processing of certain EAPOL frames. An adjacent attacker can send a stream of specially crafted EAPOL frames, force the access point (AP) to disassociate all the associated stations (STAs) and to disallow future, new association requests.
2) Man-in-the-middle attack (CVE-ID: CVE-2018-0412)
The vulnerability allows an adjacent unauthenticated attacker to conduct man-in-the-middle attack.
The vulnerability exists in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality due to improper processing of certain EAPOL messages that are received during the Wi-Fi handshake process. An adjacent attacker can establish a man-in-the-middle position between a supplicant and an authenticator, manipulate an EAPOL message exchange to force usage of a WPA-TKIP cipher instead of the more secure AES-CCMP cipher and conduct subsequent cryptographic attacks, which could lead to the disclosure of confidential information.
Remediation
Install update from vendor's website.