cisco-sa-ap-ip-flood-dos-6hxxENVQ: Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability
First published: Wed Apr 13 2022(Updated: )
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ
Credit: This vulnerability was found by Miroslav Popovic Cisco during internal security testing
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Embedded Wireless Controller | >=17.4=17.5<=17.6<17.6.1>=16.12 and earlier=17.2<=17.3<17.3.4 | 17.6.1 17.3.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-ap-ip-flood-dos-6hxxENVQ?
The severity of cisco-sa-ap-ip-flood-dos-6hxxENVQ is considered significant due to its potential to cause DoS conditions.
How does cisco-sa-ap-ip-flood-dos-6hxxENVQ affect Cisco devices?
cisco-sa-ap-ip-flood-dos-6hxxENVQ allows an unauthenticated, remote attacker to unexpectedly reload the device, leading to denial of service.
Which Cisco software versions are affected by cisco-sa-ap-ip-flood-dos-6hxxENVQ?
Affected Cisco software versions include 16.12 and earlier, as well as 17.2, 17.3 up to 17.3.4, and 17.4 to 17.6 exclusive of 17.6.1.
How can I mitigate the risks associated with cisco-sa-ap-ip-flood-dos-6hxxENVQ?
To mitigate risks associated with cisco-sa-ap-ip-flood-dos-6hxxENVQ, it is recommended to update to the latest fixed software version.
Is there a workaround for cisco-sa-ap-ip-flood-dos-6hxxENVQ until it is patched?
Currently, there are no documented workarounds for cisco-sa-ap-ip-flood-dos-6hxxENVQ, so applying the recommended updates is essential.
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/author
- agent/title
- agent/references
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco embedded wireless controller
- version/cisco embedded wireless controller/17.4
- version/cisco embedded wireless controller/17.5
- version/cisco embedded wireless controller/17.6
- version/cisco embedded wireless controller/16.12 and earlier
- version/cisco embedded wireless controller/17.2
- version/cisco embedded wireless controller/17.3