Vulnerability identifier: #VU87904
Vulnerability risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-459
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Cisco IOS XE
Operating systems & Components /
Operating system
Catalyst 9800-CL Wireless Controllers for Cloud
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 9800 Embedded Wireless Controller
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 9800 Series Wireless Controllers
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Embedded Wireless Controller on Catalyst Access Points
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incomplete cleanup in the multicast DNS (mDNS) gateway feature. A remote attacker on the local network can cause the wireless controller to have high CPU utilization, leading to denial of service condition.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cisco IOS XE: 17.6 - 17.9.3a
Catalyst 9800-CL Wireless Controllers for Cloud: All versions
Catalyst 9800 Embedded Wireless Controller: All versions
Catalyst 9800 Series Wireless Controllers: All versions
Embedded Wireless Controller on Catalyst Access Points: All versions
External links
http://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-mdns-dos-4hv6pBGf
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.