2 results (0.028 seconds)

CVSS: 6.5EPSS: 0%CPEs: 53EXPL: 0

A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of the 802.11 WME packet header. An attacker could exploit this vulnerability by sending malformed 802.11 WME frames to a targeted device. A successful exploit could allow the attacker to cause the WLC to reload unexpectedly. The fixed versions are 8.0.140.0, 8.2.130.0, and 8.3.111.0. • http://www.securityfocus.com/bid/97424 http://www.securitytracker.com/id/1038182 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-wlc • CWE-399: Resource Management Errors •

CVSS: 6.5EPSS: 0%CPEs: 95EXPL: 0

The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device restart) via a malformed wIPS packet, aka Bug ID CSCuz40263. La funcionalidad Adaptive Wireless Intrusion Prevention System (wIPS) en dispositivos Cisco Wireless LAN Controller (WLC) en versiones anteriores a 8.0.140.0, 8.1.x y 8.2.x en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores a 8.3.102.0 permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de un paquete wIPS mal formado, también conocido como Bug ID CSCuz40263. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-wlc-2 http://www.securityfocus.com/bid/92716 http://www.securitytracker.com/id/1036720 • CWE-399: Resource Management Errors •