Multiple vulnerabilities in Cisco Aironet

Published: 2017-11-02 13:55:27
Severity Low
Patch available NO
Number of vulnerabilities 2
CVSSv2 2.8 (AV:A/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:U/RC:C)
2.8 (AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:C)
CVSSv3 3.8 [CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
4.2 [CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:U/RC:C]
CVE ID CVE-2017-12279
CVE-2017-12283
CWE ID CWE-200
Exploitation vector Local network
Public exploit Not available
Vulnerable software Aironet
Vulnerable software versions Aironet 3700 Series
Aironet 3800 Series
Vendor URL Cisco Systems, Inc
Advisory type Public

Security Advisory

1) Information disclosure

Description

The vulnerability allows an adjacent attacker to obtain potentially sensitive information on the target system.

The weakness exists in the packet processing code of Cisco IOS Software for Cisco Aironet Access Points due to insufficient condition checks that are performed when the device adds padding to egress packets. An adjacent attacker can send a specially crafted IP packet and retrieve content from memory.

Remediation

Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-iosap

2) Denial of service

Description

The vulnerability allows an adjacent attacker to cause DoS condition on the target system.

The weakness exists in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points due to improper validation of received 802.11w PAF disassociation and deauthentication frames. An adjacent attacker can send a spoofed 802.11w PAF frame from a valid, authenticated client on an adjacent network and terminate a single valid user connection to the affected device.

Remediation

Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet4

Back to List