HomePentest-Tools.com Logo

Cisco Aironet Access Point Platforms Extensible Authentication Protocol Denial of Service Vulnerability CVE-2017-12274

Severity
CVSSv3 Score
6.5
Vulnerability description

A vulnerability in Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent attacker to cause the Access Point (AP) to reload, resulting in a denial of service (DoS) condition.

Risk description

The vulnerability is due to insufficient validation of the EAP frame. An attacker could exploit this vulnerability by sending a malformed EAP frame to the targeted device. A successful exploit could allow the attacker to cause the AP to reload, resulting in a DoS condition while the AP is reloading. It may be necessary to manually power cycle the device in order for it to recover.

Recommendation

See the referenced advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 2, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available