#VU14436 Man-in-the-middle attack in Cisco Small Business 300 Series Wireless Access Points and Cisco Small Business 100 Series Wireless Access Points - CVE-2018-0412
Published: August 16, 2018
Vulnerability identifier: #VU14436
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-0412
CWE-ID: CWE-300
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Cisco Small Business 300 Series Wireless Access Points
Cisco Small Business 100 Series Wireless Access Points
Cisco Small Business 300 Series Wireless Access Points
Cisco Small Business 100 Series Wireless Access Points
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows an adjacent unauthenticated attacker to conduct man-in-the-middle attack.
The vulnerability exists in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality due to improper processing of certain EAPOL messages that are received during the Wi-Fi handshake process. An adjacent attacker can establish a man-in-the-middle position between a supplicant and an authenticator, manipulate an EAPOL message exchange to force usage of a WPA-TKIP cipher instead of the more secure AES-CCMP cipher and conduct subsequent cryptographic attacks, which could lead to the disclosure of confidential information.
Remediation
Update the affected product to version 1.0.6.7.