#VU14435 Improper input validation in Cisco Small Business 300 Series Wireless Access Points and Cisco Small Business 100 Series Wireless Access Points
Vulnerability identifier: #VU14435
Vulnerability risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Cisco Small Business 300 Series Wireless Access Points
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Small Business 100 Series Wireless Access Points
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Vendor: Cisco Systems, Inc
Description
The vulnerability allows an adjacent authenticated attacker to cause DoS condition on the target system.
The vulnerability exists in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality due to improper processing of certain EAPOL frames. An adjacent attacker can send a stream of specially crafted EAPOL frames, force the access point (AP) to disassociate all the associated stations (STAs) and to disallow future, new association requests.
Mitigation
Update the affected product to version 1.0.6.7.
Vulnerable software versions
Cisco Small Business 300 Series Wireless Access Points: 1.0.6.6
Cisco Small Business 100 Series Wireless Access Points: 1.0.6.6
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-csb-wap-dos
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
