What is the severity of CVE-2018-0381?

CVE-2018-0381 has a high severity rating due to its potential to cause a denial of service condition on affected devices.

How do I fix CVE-2018-0381?

To fix CVE-2018-0381, upgrade to the patched versions of the affected Cisco Aironet Series Access Points software listed in the advisory.

Which devices are affected by CVE-2018-0381?

CVE-2018-0381 affects specific versions of Cisco Aironet Series Access Points, including 8.2(166.0), 8.2(167.3), 8.3(133.0), 8.3(141.10), 8.5(120.0), and multiple releases within the 8.7 series.

Is authentication required to exploit CVE-2018-0381?

Yes, CVE-2018-0381 can only be exploited by an authenticated, adjacent attacker.

What impact does CVE-2018-0381 have on my network?

CVE-2018-0381 can cause affected Cisco Aironet devices to reload unexpectedly, resulting in service disruptions and denial of service for users.

Vulnerability/
CVE-2018-0381

medium

6.8

CWE

667 400

17/10/2018

26/11/2024

CVE-2018-0381: Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability

First published: Wed Oct 17 2018(Updated: )

A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Access Points	=8.2\(166.0\)
Cisco Access Points	=8.2\(167.3\)
Cisco Access Points	=8.3\(133.0\)
Cisco Access Points	=8.3\(141.10\)
Cisco Access Points	=8.5\(120.0\)
Cisco Access Points	=8.7\(1.96\)
Cisco Access Points	=8.7\(1.99\)
Cisco Access Points	=8.7\(1.107\)

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-0381?
CVE-2018-0381 has a high severity rating due to its potential to cause a denial of service condition on affected devices.
How do I fix CVE-2018-0381?
To fix CVE-2018-0381, upgrade to the patched versions of the affected Cisco Aironet Series Access Points software listed in the advisory.
Which devices are affected by CVE-2018-0381?
CVE-2018-0381 affects specific versions of Cisco Aironet Series Access Points, including 8.2(166.0), 8.2(167.3), 8.3(133.0), 8.3(141.10), 8.5(120.0), and multiple releases within the 8.7 series.
Is authentication required to exploit CVE-2018-0381?
Yes, CVE-2018-0381 can only be exploited by an authenticated, adjacent attacker.
What impact does CVE-2018-0381 have on my network?
CVE-2018-0381 can cause affected Cisco Aironet devices to reload unexpectedly, resulting in service disruptions and denial of service for users.

agent/weakness
agent/type
agent/severity
agent/author
agent/references
agent/title
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco access points
version/cisco access points/8.2\(166.0\)
version/cisco access points/8.2\(167.3\)
version/cisco access points/8.3\(133.0\)
version/cisco access points/8.3\(141.10\)
version/cisco access points/8.5\(120.0\)
version/cisco access points/8.7\(1.96\)
version/cisco access points/8.7\(1.99\)
version/cisco access points/8.7\(1.107\)