Cisco Mobility Express 2800 and 3800 802.11 Denial of Service Vulnerability CVE-2016-9220
- CVSSv3 Score
- Vulnerability description
A vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests.
- Risk description
The vulnerability is due to lack of proper error handling when the 802.11 frame is received with an unexpected status code. An attacker could exploit this vulnerability by sending a crafted 802.11 frame to the targeted device. An exploit could allow the attacker to impact the availability of the device due to the connection table being filled with invalid connections.
Upgrade to version 18.104.22.168 or later.
- Not available