What is the severity of CVE-2017-12278?

The severity of CVE-2017-12278 is medium with a CVSS score of 6.3.

How does CVE-2017-12278 affect Cisco Wireless LAN Controllers?

CVE-2017-12278 can cause an authenticated, remote attacker to restart an affected Cisco Wireless LAN Controller, resulting in a denial of service (DoS) condition.

Is Cisco Wireless LAN Controller Software affected by CVE-2017-12278?

Yes, Cisco Wireless LAN Controller Software is affected by CVE-2017-12278.

How can I fix CVE-2017-12278?

Apply the necessary updates or patches provided by Cisco to fix CVE-2017-12278.

Vulnerability/
CVE-2017-12278

medium

6.3

CWE

772 119

2/11/2017

5/8/2024

CVE-2017-12278: Buffer Overflow

First published: Thu Nov 02 2017(Updated: )

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory leak that occurs on an affected device after the device fails to deallocate a buffer that is used when certain MIBs are polled. An attacker who knows the SNMP Version 2 SNMP Read string or has valid SNMP Version 3 credentials for an affected device could repeatedly poll the affected MIB object IDs (OIDs) and consume available memory on the device. When memory is sufficiently depleted on the device, the device will restart, resulting in a DoS condition. Cisco Bug IDs: CSCvc71674.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Wireless LAN Controller Software
Cisco Wireless LAN Controller

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-12278?
The severity of CVE-2017-12278 is medium with a CVSS score of 6.3.
How does CVE-2017-12278 affect Cisco Wireless LAN Controllers?
CVE-2017-12278 can cause an authenticated, remote attacker to restart an affected Cisco Wireless LAN Controller, resulting in a denial of service (DoS) condition.
What is the cause of CVE-2017-12278?
CVE-2017-12278 is caused by a memory leak in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers.
Is Cisco Wireless LAN Controller Software affected by CVE-2017-12278?
Yes, Cisco Wireless LAN Controller Software is affected by CVE-2017-12278.
How can I fix CVE-2017-12278?
Apply the necessary updates or patches provided by Cisco to fix CVE-2017-12278.

collector/nvd-index
agent/weakness
agent/type
agent/event
agent/references
agent/severity
agent/author
agent/description
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/cisco
canonical/cisco wireless lan controller software
canonical/cisco wireless lan controller

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.