cisco-sa-ewlc-dos-AnvKvMxR: Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability

First published: Wed Jun 03 2020(Updated: )

A vulnerability in the handling of IEEE 802.11w Protected Management Frames (PMFs) of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device. The vulnerability exists because the affected software does not properly validate 802.11w disassociation and deauthentication PMFs that it receives. An attacker could exploit this vulnerability by sending a spoofed 802.11w PMF from a valid, authenticated client on a network adjacent to an affected device. A successful exploit could allow the attacker to terminate a single valid user connection to the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-dos-AnvKvMxR

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/event
• agent/type
• agent/last-modified-date
• agent/first-publish-date
• collector/cisco-advisory
• source/Cisco
• agent/severity
• agent/title
• agent/weakness
• agent/references
• agent/description
• agent/source
• agent/softwarecombine
• agent/tags
• agent/guess-ai
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• vendor/cisco
• canonical/cisco ios xe software for catalyst 9800 series wireless controllers