Main Vulnerability Database SB2016072805

SB2016072805 - Wireless management frame processing flaw in Cisco Wireless LAN Controller

Published: July 28, 2016 Updated: July 28, 2016

Security Bulletin ID SB2016072805

CSH Severity

High

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Wireless management frame processing flaw (CVE-ID: CVE-2016-1460)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

The vulnerability allows a remote attacker to cause denial of service conditions on the affected device.

The vulnerability exists due to insufficient handling of wireless management frames. A remote unauthenticated attacker can cause denial of service conditions on the target device by sending crafted wireless management frames to the device.

Successful exploitation of this vulnerability may result in denial of service conditions.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-wlc