CVE-2018-0382
moderate-risk
Published 2019-04-17
A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected software does not properly clear previously assigned session identifiers for a user session when a user authenticates to the web-based interface. An attacker could exploit this vulnerability by using an existing session identifier to connect to the software through the web-based interface. Successful exploitation could allow the attacker to hijack an authenticated user's browser session on the system. Versions 8.1 and 8.5 are affected.
Do I need to act?
-
0.70% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10
Medium
NETWORK
/ LOW complexity
Affected Products (2)
Affected Vendors
References (4)
Third Party Advisory
http://www.securityfocus.com/bid/108005
Third Party Advisory
http://www.securityfocus.com/bid/108005
30
/ 100
moderate-risk
Severity
21/34 · High
Exploitability
2/34 · Minimal
Exposure
7/34 · Low