How severe is CVE-2018-0443?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2018-0443?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2018-0443

HIGH Year: 2018

CVSS v3 Score

8.6

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper input validation on fields within CAPWAP Discovery Request packets by the affected device. An attacker could exploit this vulnerability by sending malicious CAPWAP Discovery Request packets to the Cisco WLC Software. A successful exploit could allow the attacker to cause the Cisco WLC Software to disconnect associated access points (APs). While the APs disconnect and reconnect, service will be unavailable for a brief period of time, resulting in a DoS condition.

CVE-2016-6368

HIGH

CVSS:8.6(High)

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a den...

CWE-3992016

CVE-2016-9225

HIGH

CVSS:8.6(High)

A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX mo...

CWE-3992016

CVE-2017-12245

HIGH

CVSS:8.6(High)

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detecti...

CWE-3992017

CVE-2017-12246

HIGH

CVSS:8.6(High)

A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected devi...

CWE-3992017

CVE-2017-3790

HIGH

CVSS:8.6(High)

A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a rel...

CWE-3992017

CVE-2017-3864

HIGH

CVSS:8.6(High)

A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial ...

CWE-3992017

CVE-2018-0443

Vulnerability Description

Related Vulnerabilities

CVE-2016-6368

CVE-2016-9225

CVE-2017-12245

CVE-2017-12246

CVE-2017-3790

CVE-2017-3864