CVE-2018-15395 MEDIUM

CVE-2018-15395: Cisco Wireless LAN Controller Software Privilege Escalation Vulnerability

Vendor Cisco
Product Cisco Wireless LAN Controller (WLC)
Weakness CWE-284
Published October 17, 2018
Last update November 26, 2024
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. Under normal circumstances, this access should be prohibited. The vulnerability is due to the dynamic assignment of Security Group Tags (SGTs) during a wireless roam from one Service Set Identifier (SSID) to another within the Cisco TrustSec domain. An attacker could exploit this vulnerability by attempting to acquire an SGT from other SSIDs within the domain. Successful exploitation could allow the attacker to gain privileged network access that should be prohibited under normal circumstances.

Key dates

02Disclosure timeline

October 17, 2018 CVE published
November 26, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-7154 TOTOLINK A3700R Password Reset wizard.html access control CVE-2023-24486 Local user access to a system where another user is utilizing a vulnerable version of Citrix Workspace App for Linux to launch published desktops and applications CVE-2024-49105 Remote Desktop Client Remote Code Execution Vulnerability CVE-2022-31024 Federated editing allows iframing remote servers by default in richdocuments CVE-2022-2225 Zero Trust Secure Web Gateway policies bypass using WARP client subcommands