Vulnerability CVE-2016-6375
Published: 2016-09-11   Modified: 2016-09-12

Description:
Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by sending crafted Inter-Access Point Protocol (IAPP) packets and then sending a traffic stream metrics (TSM) information request over SNMP, aka Bug ID CSCuz40221.

Type:

CWE-399

 (Resource Management Errors)

CVSS2 => (AV:A/AC:M/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.7/10
6.9/10
5.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Wireless lan controller software 
Cisco -> Wireless lan controller software 6.0 
Cisco -> Wireless lan controller software 7.0 
Cisco -> Wireless lan controller software 7.1 
Cisco -> Wireless lan controller software 7.2 
Cisco -> Wireless lan controller software 7.4 

 References:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-wlc-1
http://www.securityfocus.com/bid/92712
http://www.securitytracker.com/id/1036721
Copyright 2024, cxsecurity.com

 

Back to Top