TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2021-34740

HIGH
7.4

Beschreibung

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.

CVE Details

CVSS v3.1 Bewertung7.4
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht9/23/2021
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

cisco:1100-4g\/6g_integrated_services_routercisco:1100-4p_integrated_services_routercisco:1100-8p_integrated_services_routercisco:1100_integrated_services_routercisco:1101-4p_integrated_services_routercisco:1101_integrated_services_routercisco:1109-2p_integrated_services_routercisco:1109-4p_integrated_services_routercisco:1109_integrated_services_routercisco:1111x-8p_integrated_services_routercisco:1111x_integrated_services_routercisco:111x_integrated_services_routercisco:1120_integrated_services_routercisco:1160_integrated_services_routercisco:6300_series_access_pointscisco:aironet_1540cisco:aironet_1542dcisco:aironet_1542icisco:aironet_1560cisco:aironet_1562dcisco:aironet_1562ecisco:aironet_1562icisco:aironet_1800cisco:aironet_1800icisco:aironet_1810cisco:aironet_1810wcisco:aironet_1815cisco:aironet_1815icisco:aironet_1830cisco:aironet_1830ecisco:aironet_1830icisco:aironet_1840cisco:aironet_1850cisco:aironet_1850ecisco:aironet_1850icisco:aironet_2800cisco:aironet_2800ecisco:aironet_2800icisco:aironet_3800cisco:aironet_3800ecisco:aironet_3800icisco:aironet_3800pcisco:aironet_4800cisco:aironet_access_point_softwarecisco:catalyst_9100cisco:catalyst_9105cisco:catalyst_9105axicisco:catalyst_9105axwcisco:catalyst_9115cisco:catalyst_9115_apcisco:catalyst_9115axecisco:catalyst_9115axicisco:catalyst_9117cisco:catalyst_9117_apcisco:catalyst_9117axicisco:catalyst_9120cisco:catalyst_9120_apcisco:catalyst_9120axecisco:catalyst_9120axicisco:catalyst_9120axpcisco:catalyst_9124cisco:catalyst_9124axdcisco:catalyst_9124axicisco:catalyst_9130cisco:catalyst_9130_apcisco:catalyst_9130axecisco:catalyst_9130axicisco:catalyst_iw6300cisco:catalyst_iw6300_accisco:catalyst_iw6300_dccisco:catalyst_iw6300_dcw

Schwachen (CWE)

CWE-401CWE-401

Referenzen

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL(psirt@cisco.com)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.