Design/Logic Flaw

2023-09-2718:15:00

PRIOn knowledge base

www.prio-n.com

wireless network control

cisco ios xe

memory management

dos condition

network requests

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.

This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network requests to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to reload, resulting in a DoS condition.

CPENameOperatorVersion
ios_xeeq17.9.1
ios_xeeq17.9.197
ios_xeeq17.9.1119
ios_xeeq17.9.1120
ios_xeeq17.9.1-x1
ios_xeeq17.9.1121
ios_xeeq17.9.2
ios_xeeq17.9.297
ios_xeeq17.9.298
ios_xeeq17.10.1

Name	Operator	Version
ios_xe	eq	17.9.1
ios_xe	eq	17.9.197
ios_xe	eq	17.9.1119
ios_xe	eq	17.9.1120
ios_xe	eq	17.9.1-x1
ios_xe	eq	17.9.1121
ios_xe	eq	17.9.2
ios_xe	eq	17.9.297
ios_xe	eq	17.9.298
ios_xe	eq	17.10.1