CiscoCISCO-SA-20151113-AIRONETCisco Aironet 1800 Series Access Point SSHv2 Denial of Service Vulnerability
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
56.0%
A vulnerability in the Secure Shell Version 2 (SSHv2) protocol of Cisco Aironet 1800 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization and an accumulation of SSHv2 connections.
The vulnerability is due to improper handling of incoming SSHv2 connections that do not complete properly. An attacker could exploit this vulnerability by sending a high number of crafted SSHv2 connections to an affected device. An exploit could allow the attacker to cause a DoS condition due to high CPU utilization and an accumulation of SSHv2 connections.
Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet”]
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | aironet_access_point_software | any | cpe:2.3:a:cisco:aironet_access_point_software:any:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
56.0%