CVE-2018-0441 is a vulnerability in Cisco Access Points
Published on October 17, 2018
Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability
A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a corruption of certain timer mechanisms triggered by specific roaming events. This corruption will eventually cause a timer crash. An attacker could exploit this vulnerability by sending malicious reassociation events multiple times to the same AP in a short period of time, causing a DoS condition on the affected AP.
Weakness Type
What is a Resource Exhaustion Vulnerability?
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2018-0441 has been classified to as a Resource Exhaustion vulnerability or weakness.
Products Associated with CVE-2018-0441
Want to know whenever a new CVE is published for Cisco Access Points? stack.watch will email you.
Affected Versions
Cisco Aironet Access Point Software Version n/a is affected by CVE-2018-0441Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.