CVE-2018-0412 — MEDIUM (5.3)

Q: How severe is CVE-2018-0412?

CVE-2018-0412 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-0412?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wap121 Firmware, Cisco Wap121, Cisco Wap125 Firmware, Cisco Wap125, Cisco Wap131 Firmware.

Vulnerability Description

A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent attacker to force the downgrade of the encryption algorithm that is used between an authenticator (access point) and a supplicant (Wi-Fi client). The vulnerability is due to the improper processing of certain EAPOL messages that are received during the Wi-Fi handshake process. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between a supplicant and an authenticator and manipulating an EAPOL message exchange to force usage of a WPA-TKIP cipher instead of the more secure AES-CCMP cipher. A successful exploit could allow the attacker to conduct subsequent cryptographic attacks, which could lead to the disclosure of confidential information. Cisco Bug IDs: CSCvj29229.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Wap121 Firmware	<= 1.0.6.6
Cisco	Wap121	-
Cisco	Wap125 Firmware	<= 1.0.6.6
Cisco	Wap125	-
Cisco	Wap131 Firmware	<= 1.0.6.6
Cisco	Wap131	-
Cisco	Wap150 Firmware	<= 1.0.6.6
Cisco	Wap150	-
Cisco	Wap321 Firmware	<= 1.0.6.6
Cisco	Wap321	-
Cisco	Wap351 Firmware	<= 1.0.6.6
Cisco	Wap351	-
Cisco	Wap361 Firmware	<= 1.0.6.6
Cisco	Wap361	-
Cisco	Wap371 Firmware	<= 1.0.6.6
Cisco	Wap371	-

Related Weaknesses (CWE)

CWE-310

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory

FAQ

What is CVE-2018-0412?

CVE-2018-0412 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series...

How severe is CVE-2018-0412?

CVE-2018-0412 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-0412?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wap121 Firmware, Cisco Wap121, Cisco Wap125 Firmware, Cisco Wap125, Cisco Wap131 Firmware.