What is CVE-2018-0417?

CVE-2018-0417 is a vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software that could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI.

What is the severity of CVE-2018-0417?

The severity of CVE-2018-0417 is high with a score of 7.8.

What software versions are affected by CVE-2018-0417?

Cisco Wireless LAN Controller Software versions 8.2.170.0 to 8.7.102.0, 8.4 to 8.5.131.0, and 8.7(1.115) are affected.

How can an attacker exploit CVE-2018-0417?

An attacker with local access and authentication to the Cisco Wireless LAN Controller (WLC) Software could exploit CVE-2018-0417 by performing certain operations within the GUI that are not normally available.

Is there any fix for CVE-2018-0417?

Yes, Cisco has released a security advisory with information on how to mitigate this vulnerability.

Vulnerability/
CVE-2018-0417

high

7.8

CWE

264

17/10/2018

16/9/2024

CVE-2018-0417: Cisco Wireless LAN Controller Software GUI Privilege Escalation Vulnerability

First published: Wed Oct 17 2018(Updated: )

A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI. The vulnerability is due to incorrect parsing of a specific TACACS attribute received in the TACACS response from the remote TACACS server. An attacker could exploit this vulnerability by authenticating via TACACS to the GUI on the affected device. A successful exploit could allow an attacker to create local user accounts with administrative privileges on an affected WLC and execute other commands that are not allowed from the CLI and should be prohibited.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Wireless LAN Controller Software	=8.7\(1.115\)
Cisco Wireless LAN Controller	>=8.4<8.5.131.0
Cisco Wireless LAN Controller Software	<8.2.170.0
Cisco Wireless LAN Controller Software	>=8.6<8.7.102.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-0417?
CVE-2018-0417 is a vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software that could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI.
What is the severity of CVE-2018-0417?
The severity of CVE-2018-0417 is high with a score of 7.8.
What software versions are affected by CVE-2018-0417?
Cisco Wireless LAN Controller Software versions 8.2.170.0 to 8.7.102.0, 8.4 to 8.5.131.0, and 8.7(1.115) are affected.
How can an attacker exploit CVE-2018-0417?
An attacker with local access and authentication to the Cisco Wireless LAN Controller (WLC) Software could exploit CVE-2018-0417 by performing certain operations within the GUI that are not normally available.
Is there any fix for CVE-2018-0417?
Yes, Cisco has released a security advisory with information on how to mitigate this vulnerability.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/last-modified-date
agent/references
agent/weakness
agent/title
agent/first-publish-date
agent/description
agent/event
agent/tags
vendor/cisco
canonical/cisco wireless lan controller software
version/cisco wireless lan controller software/8.7\(1.115\)
canonical/cisco wireless lan controller
version/cisco wireless lan controller/8.4
version/cisco wireless lan controller software/8.6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.