CVE-2018-0415

CVE-2018-0415

Vendor Cisco Systems, Inc.
Product Small Business 100 Series Wireless Access Points
Weakness CWE-388
Published August 15, 2018
Last update November 26, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of certain EAPOL frames. An attacker could exploit this vulnerability by sending a stream of crafted EAPOL frames to an affected device. A successful exploit could allow the attacker to force the access point (AP) to disassociate all the associated stations (STAs) and to disallow future, new association requests. Cisco Bug IDs: CSCvj97472.

Key dates

02Disclosure timeline

August 15, 2018 CVE published
November 26, 2024 Record updated

Related vulnerabilities

04Related CVE