DoS Vulnerability in Cisco Aironet Access Points
CVE-2017-12273

6.5MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Aironet 1560, 2800, And 3800 Series Access Point Platforms
Vendor
CVE Published:
2 November 2017

Summary

A vulnerability in the 802.11 association request frame processing of Cisco Aironet 1560, 2800, and 3800 Series Access Points may allow an unauthenticated adjacent attacker to trigger a denial of service condition by sending a malformed 802.11 association request. This flaw results from insufficient frame validation and can lead to the Access Point reloading and becoming temporarily unavailable. The affected devices must be running the Lightweight AP Software or Mobility Express image. For effective mitigation, it is essential to apply the recommended patches or updates from Cisco.

Affected Version(s)

Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms

References

https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/101655
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039714
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.