cisco-sa-airo-wpa-dos-5ZLs6ESz: Cisco Aironet Series Access Points Client Packet Processing Denial of Service Vulnerability
First published: Wed Apr 15 2020(Updated: )
A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point (AP). An attacker could exploit this vulnerability by sending a large number of sustained client packets to the affected AP. A successful exploit could allow the attacker to cause the affected AP to crash, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-dos-5ZLs6ESz This advisory is part of the April 2020 Cisco Aironet AP, Mobility Express, and WLC Software Security Advisory Bundled Publication, which includes four Cisco Security Advisories that describe four vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: April 2020 Cisco Aironet AP, Mobility Express and WLC Software Security Advisory Bundled Publication.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Access Point Software | =8.9<8.9.111.02=8.7<8.8.130.0=8.6<8.8.130.0=8.1 through 8.5<8.5.160.0 | 8.9.111.02 8.8.130.0 8.8.130.0 8.5.160.0 |
| Cisco Aironet Access Points Embedded Wireless Controller Major Software | =16.11 and earlier<16.11.1b | 16.11.1b |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/title
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco access point software
- version/cisco access point software/8.9
- version/cisco access point software/8.7
- version/cisco access point software/8.6
- version/cisco access point software/8.1 through 8.5
- canonical/cisco aironet access points embedded wireless controller major software
- version/cisco aironet access points embedded wireless controller major software/16.11 and earlier