Design/Logic Flaw

2018-10-1722:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

44.1%

JSON

A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a corruption of certain timer mechanisms triggered by specific roaming events. This corruption will eventually cause a timer crash. An attacker could exploit this vulnerability by sending malicious reassociation events multiple times to the same AP in a short period of time, causing a DoS condition on the affected AP.

CPENameOperatorVersion
access_pointseq15.33.0-jd
access_pointseq8.140.0
access_pointseq8.2141.0
access_pointseq8.2151.0
access_pointseq8.3102.0
access_pointseq8.3112.0
access_pointseq8.3114.74
access_pointslt8.3.140.0
access_pointsge8.4
access_pointslt8.5.110.0

Name	Operator	Version
access_points	eq	15.33.0-jd
access_points	eq	8.140.0
access_points	eq	8.2141.0
access_points	eq	8.2151.0
access_points	eq	8.3102.0
access_points	eq	8.3112.0
access_points	eq	8.3114.74
access_points	lt	8.3.140.0
access_points	ge	8.4
access_points	lt	8.5.110.0