Cisco Wireless LAN Controller Devices 802.11i Management Frame Denial of Service Vulnerability

2015-10-0214:01:53

tools.cisco.com

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

44.7%

JSON

Cisco Wireless LAN Controller (WLC) devices contain a denial of service vulnerability that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.

The vulnerability is due to a failure to properly discard certain malformed values in an 802.11i management frame received from a wireless client. An attacker could trigger the vulnerability by submitting a crafted frame to an access point managed by the affected Cisco WLC.

Cisco has confirmed the vulnerability and released software updates.

To exploit this vulnerability, an attacker must be on the same broadcast or collision domain as the targeted device. This access requirement reduces the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Vulners

Node

ciscowireless_lan_controller_7.4Match7.0

ciscowireless_lan_controller_7.4Match7.3

ciscowireless_lan_controller_7.4Match7.0.240.0

ciscowireless_lan_controller_7.4Match7.3.101.0

CPENameOperatorVersion
cisco wireless lan controller (wlc)eq7.0
cisco wireless lan controller (wlc)eq7.3
cisco wireless lan controller (wlc)eq7.0.240.0
cisco wireless lan controller (wlc)eq7.3.101.0

Name	Operator	Version
cisco wireless lan controller (wlc)	eq	7.0
cisco wireless lan controller (wlc)	eq	7.3
cisco wireless lan controller (wlc)	eq	7.0.240.0
cisco wireless lan controller (wlc)	eq	7.3.101.0