Denial of Service Vulnerability in Cisco Wireless LAN Controller Products
CVE-2016-6375

5.3MEDIUM

Key Information:

Vendor

Cisco
Status
Wireless Lan Controller Software
Wireless Lan Controller Software 6.0
Wireless Lan Controller Software 7.0
Wireless Lan Controller Software 7.1
Vendor
CVE Published:
12 September 2016

What is CVE-2016-6375?

Remote attackers can exploit a vulnerability in Cisco Wireless LAN Controllers by sending specially crafted Inter-Access Point Protocol (IAPP) packets. Following this, an attacker can issue a traffic stream metrics (TSM) information request over SNMP, leading to an unexpected device reload and potential loss of service. This vulnerability impacts various versions of the Wireless LAN Controller, underscoring the importance of timely updates to ensure network security.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securitytracker.com/id/1036721
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/92712
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.