Input validation

2020-06-0318:15:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.8%

JSON

A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by sending a malformed Flexible NetFlow Version 9 packet to the Control and Provisioning of Wireless Access Points (CAPWAP) data port of an affected device. An exploit could allow the attacker to trigger an infinite loop, resulting in a process crash that would cause a reload of the device.

CPENameOperatorVersion
ios_xeeq16.10.1
ios_xeeq16.10.197
ios_xeeq16.10.198
ios_xeeq16.10.1101
ios_xeeq16.10.1115
ios_xeeq16.10.2
ios_xeeq16.11.1
ios_xeeq16.11.197
ios_xeeq16.11.198
ios_xeeq16.11.199

Name	Operator	Version
ios_xe	eq	16.10.1
ios_xe	eq	16.10.197
ios_xe	eq	16.10.198
ios_xe	eq	16.10.1101
ios_xe	eq	16.10.1115
ios_xe	eq	16.10.2
ios_xe	eq	16.11.1
ios_xe	eq	16.11.197
ios_xe	eq	16.11.198
ios_xe	eq	16.11.199