Denial of service in Cisco Wireless LAN Controller

Published: 2017-11-02 11:23:52
Severity Low
Patch available NO
Number of vulnerabilities 2
CVSSv2 4.3 (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:C)
4.3 (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:C)
CVSSv3 3.8 [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:C]
3.8 [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:C]
CVE ID CVE-2017-12280
CVE-2017-12282
CWE ID CWE-20
Exploitation vector Network
Public exploit Not available
Vulnerable software Cisco Wireless LAN Controller
Vulnerable software versions Cisco Wireless LAN Controller 8.0(133.0)
Cisco Wireless LAN Controller 8.0(140.0)
Cisco Wireless LAN Controller 8.2(121.11)
Vendor URL Cisco Systems, Inc
Advisory type Public

Security Advisory

1) Improper input validation

Description

The vulnerability allows an remote attacker to cause DoS condition on the target system.

The weakness exists in the Control and Provisioning of Wireless Access Points (CAPWAP) Discovery Request parsing functionality of Cisco Wireless LAN Controllers due to incomplete input validation of fields in CAPWAP Discovery Request packets. An remote attacker can send a specially crafted CAPWAP Discovery Request packets and cause the device to reload.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Cubersecurity Help is currently unaware of any solutions addressing the vulnerability.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc3

2) Improper input validation

Description

The vulnerability allows an Layer 2 RF-adjacent attacker to cause DoS condition on the target system.

The weakness exists in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers due to incomplete input validation of of ANQP query frames. An remote attacker can send a malformed ANQP query frame that is on an RF-adjacent network and cause the device to restart.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Cubersecurity Help is currently unaware of any solutions addressing the vulnerability.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc4

Back to List