Executive Summary
Summary | |
---|---|
Title | Cisco Wireless LAN Controller 802.11 Management Frame Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20180502-wlc-mfdos | First vendor Publication | 2018-05-02 |
Vendor | Cisco | Last vendor Modification | 2018-05-02 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.1 | Attack Range | Adjacent network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 6.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of certain 802.11 management information element frames that an affected device receives from wireless clients. An attacker could exploit this vulnerability by sending a malformed 802.11 management frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload unexpectedly, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-mfdos ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-mfdos"] BEGIN PGP SIGNATURE iQJ5BAEBAgBjBQJa6eErXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczkBQP/1KxTrxLbOonh9sWB54TkrsKszhB V4DDH5ohl+BfJaRQN7oNhiFbyKl93BamVaZhKMkptenM64xh1/wrUdVMHw4Q1NNT Q3fWwDvRdpsXeETsYGSCOuqc7+VZwrsp0+m0aIITGOfjI8uBsZJlW+mzeHmj70Db OwQmlKcWITmfqxbqgZuYqEJS+s+NhnajmE0aNGilZVYdgMcMEwt26mSUKX8L7tKm 4L6Er3ZlWD8rC9M/vEhl3rSwnCZ9uiqeALB/Dam1gjjhNj7NZQscRUeZ2gQZ9+bW 2JWP3+wELJ3kWJozArdc/rdSALs9Ch4Ll8XXnC+Ff8V5Aca3O/Xi1FAT5uj0nm6x OXwAx/6vTAZjDbth8Ct0qv09f2/A5NLZkDbiLHvA4IIsYcowcoIMtqZ0ZLbjCX1v aos9SW/8ZHOAvn0CB8q8yV+F/N25iNXOxM+8UoQ1+OCHLuCT7NpAJdhpl1JTS5R3 YXaQfuWqlLq1d5eJUH1+T3aswGZ/6wYrIGuxaAornsebTPxmXWv4rixoPeb4Zkcr jcYbz1YxD+EOHUiYWLo5hC9tQ6lKQL8Q0p7SmE83JCCxe+4XVmoD0anGKF98jNNV MUMd7TXthnK1qKziSnXnBtoYJcxWHEBM7VQ3/eG18ck0dgc0tlNSTkGKgQex5/eY 5jmOxoY/8mCGlGOR =8TyF END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 2 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-05-11 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20180502-wlc-mfdos.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2018-06-13 17:21:13 |
|
2018-05-03 05:19:52 |
|
2018-05-02 21:20:43 |
|