HomePentest-Tools.com Logo

Cisco Mobility Express 2800 and 3800 802.11 Denial of Service Vulnerability CVE-2016-9220

Severity
CVSSv3 Score
4.3
Vulnerability description

A vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests.

Risk description

The vulnerability is due to lack of proper error handling when the 802.11 frame is received with an unexpected status code. An attacker could exploit this vulnerability by sending a crafted 802.11 frame to the targeted device. An exploit could allow the attacker to impact the availability of the device due to the connection table being filled with invalid connections.

Recommendation

Upgrade to version 8.2.141.0 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jan 26, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available