#VU23612 Expected behavior violation in hostapd - CVE-2019-5061
Published: December 16, 2019
Vulnerability identifier: #VU23612
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2019-5061
CWE-ID: CWE-440
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
hostapd
hostapd
Software vendor:
Jouni Malinen
Jouni Malinen
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an Authentication and AssociationRequest packet is sent before the station has successfully authenticated. A remote attacker on the local network can iterate through a large set of unique MAC addresses to trigger DoS attacks within the upstream network infrastructure.
This can lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby Aps of the same wireless infrastructure.
Note: This vulnerability affects hostapd Ubiquiti AP-AC-Pro firmware 4.0.10.9653
Remediation
Install updates from vendor's website.