high
7.4
CWE
401
Advisory Published
Updated

CVE-2021-34740: Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability

First published: Thu Sep 23 2021(Updated: )

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco Aironet Access Point Software>=8.10.0<8.10.162.0
Cisco Aironet Access Point Software=17.2
Cisco Aironet Access Point Software=17.3
Cisco 1100-4g\/6g Integrated Services Router
Cisco 1100-4p Integrated Services Router
Cisco 1100-8p Integrated Services Router
Cisco 1100 Integrated Services Router
Cisco 1101-4p Integrated Services Router
Cisco 1101 Integrated Services Router
Cisco 1109-2p Integrated Services Router
Cisco 1109-4p Integrated Services Router
Cisco 1109 Integrated Services Router
Cisco 1111x-8p Integrated Services Router
Cisco 1111x Integrated Services Router
Cisco 111x Integrated Services Router
Cisco 1120 Integrated Services Router
Cisco 1160 Integrated Services Router
Cisco 6300 Series Access Points
Cisco Aironet 1540
Cisco Aironet 1542d
Cisco Aironet 1542i
Cisco Aironet 1560
Cisco Aironet 1562d
Cisco Aironet 1562e
Cisco Aironet 1562i
Cisco Aironet 1800
Cisco Aironet 1800i
Cisco Aironet 1810
Cisco Aironet 1810w
Cisco Aironet 1815
Cisco Aironet 1815i
Cisco Aironet 1830
Cisco Aironet 1830e
Cisco Aironet 1830i
Cisco Aironet 1840
Cisco Aironet 1850
Cisco Aironet 1850e
Cisco Aironet 1850i
Cisco Aironet 2800
Cisco Aironet 2800e
Cisco Aironet 2800i
Cisco Aironet 3800
Cisco Aironet 3800e
Cisco Aironet 3800i
Cisco Aironet 3800p
Cisco Aironet 4800
Cisco Catalyst 9100
Cisco Catalyst 9105
Cisco Catalyst 9105axi
Cisco Catalyst 9105axw
Cisco Catalyst 9115
Cisco Catalyst 9115 Ap
Cisco Catalyst 9115axe
Cisco Catalyst 9115axi
Cisco Catalyst 9117
Cisco Catalyst 9117 Ap
Cisco Catalyst 9117axi
Cisco Catalyst 9120
Cisco Catalyst 9120 Ap
Cisco Catalyst 9120axe
Cisco Catalyst 9120axi
Cisco Catalyst 9120axp
Cisco Catalyst 9124
Cisco Catalyst 9124axd
Cisco Catalyst 9124axi
Cisco Catalyst 9130
Cisco Catalyst 9130 Ap
Cisco Catalyst 9130axe
Cisco Catalyst 9130axi
Cisco Catalyst Iw6300
Cisco Catalyst Iw6300 Ac
Cisco Catalyst Iw6300 Dc
Cisco Catalyst Iw6300 Dcw

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203