Denial of Service Vulnerability in Cisco Mobility Express Access Points
CVE-2016-9221

4.3MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Mobility Express 2800 Series And 3800 Series Access Points
Vendor: CVE Published:; 26 January 2017

What is CVE-2016-9221?

A vulnerability exists in the handling of authentication for 802.11 ingress connections in the Cisco Mobility Express 2800 and 3800 Access Points. An unauthenticated adjacent attacker could exploit this flaw to disrupt the authentication process, leading to service outages. This condition occurs when the access points are configured in local mode on a 40 MHz channel. The issue specifically affects defined versions of the affected products, requiring prompt attention from network administrators to ensure availability and security.

Affected Version(s)

Cisco Mobility Express 2800 Series and 3800 Series Access Points Cisco Mobility Express 2800 Series and 3800 Series Access Points

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/95631

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 26, 2017
Vulnerability Reserved
Nov 6, 2016