How severe is CVE-2018-0415?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2018-0415?

This is classified as CWE-388, which is a common weakness in software security.

CVE-2018-0415

MEDIUM Year: 2018

CVSS v3 Score

6.8

Medium

CVSS v2 Score

5.5

Medium

Weakness Type

CWE-388

View all →

Vulnerability Description

A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of certain EAPOL frames. An attacker could exploit this vulnerability by sending a stream of crafted EAPOL frames to an affected device. A successful exploit could allow the attacker to force the access point (AP) to disassociate all the associated stations (STAs) and to disallow future, new association requests. Cisco Bug IDs: CSCvj97472.

CVE-2017-16644

MEDIUM

CVSS:6.6(Medium)

The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possi...

CWE-3882017

CVE-2020-3512

HIGH

CVSS:7.4(High)

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a c...

CWE-3882020

CVE-2016-1480

HIGH

CVSS:7.5(High)

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthe...

CWE-3882016

CVE-2016-6357

HIGH

CVSS:7.5(High)

A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass...

CWE-3882016

CVE-2016-7991

HIGH

CVSS:7.5(High)

On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and h...

CWE-3882016

CVE-2016-8745

HIGH

CVSS:7.5(High)

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted ...

CWE-3882016

CVE-2018-0415

Vulnerability Description

Related Vulnerabilities

CVE-2017-16644

CVE-2020-3512

CVE-2016-1480

CVE-2016-6357

CVE-2016-7991

CVE-2016-8745