A vulnerability in the Cisco Adaptive Wireless Intrusion Prevention System (wIPS) implementation in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition because the wIPS process on the WLC unexpectedly restarts.
The vulnerability is due to lack of proper input validation of wIPS protocol packets. An attacker could exploit this vulnerability by sending a malformed wIPS packet to the affected device. An exploit could allow the attacker to cause a DoS condition when the wIPS process on the WLC unexpectedly restarts.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2bS26kA A vulnerability in the Cisco Adaptive Wireless Intrusion Prevention System (wIPS) implementation in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition because the wIPS process on the WLC unexpectedly restarts.
The vulnerability is due to lack of proper input validation of wIPS protocol packets. An attacker could exploit this vulnerability by sending a malformed wIPS packet to the affected device. An exploit could allow the attacker to cause a DoS condition when the wIPS process on the WLC unexpectedly restarts.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2bS26kA
Security Impact Rating: Medium
CVE: CVE-2016-6376
from Cisco Security Advisory http://ift.tt/2bS26kA
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.