Cisco Event Response Page
Cisco Event Response: October 2018 Cisco Wireless LAN Controller Security Advisory Collection
Doc ID:
ERP-70108
First Published:
2018 October 17 16:00 GMT
Version:
1.0
-
The October 17, 2018, release of the Cisco Wireless LAN Controller Security Advisory Collection includes four Cisco Security Advisories that describe four vulnerabilities in Cisco Wireless LAN Controllers. Cisco has released software updates that address these vulnerabilities.
All the vulnerabilities have a Security Impact Rating (SIR) of High. Successful exploitation of the vulnerabilities could allow an attacker to elevate privileges, obtain sensitive information, or cause a denial of service (DoS) condition on an access point.
-
The following table identifies Cisco Security content that is associated with this Cisco Wireless LAN Controller Security Advisory Collection:
Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score cisco-sa-20181017-wlc-gui-privesc
Cisco Wireless LAN Controller Software GUI Privilege Escalation VulnerabilityCVE-2018-0417High 7.5 cisco-sa-20181017-ap-ft-dos
Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service VulnerabilityCVE-2018-0441High 7.4 cisco-sa-20181017-wlc-capwap-memory-leak
Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure VulnerabilityCVE-2018-0442High 7.5 cisco-sa-20181017-wlc-capwap-dos
Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service VulnerabilityCVE-2018-0443High 8.6