← Back

CVE-2017-12222

nvd nist
Published: Sep 29, 2017Modified: May 13, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

A vulnerability in the wireless controller manager of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted association request. An exploit could allow the attacker to cause the switch to restart. This vulnerability affects Cisco Catalyst 3650 and 3850 switches running IOS XE Software versions 16.1 through 16.3.3, and acting as wireless LAN controllers (WLC). Cisco Bug IDs: CSCvd45069.

Affected (13)

Products: Cisco: Ios Xe
Cisco
1 product
Ios Xe
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Ios Xe
Version 16.1.1
Ios Xe
Version 16.1.2
Ios Xe
Version 16.1.3
Ios Xe
Version 16.1.3a
Ios Xe
Version 16.1.4
Ios Xe
Version 16.2.1
Ios Xe
Version 16.2.2
Ios Xe
Version 16.2.2a
Ios Xe
Version 16.2.3
Ios Xe
Version 16.3.1
Ios Xe
Version 16.3.1a
Ios Xe
Version 16.3.2
Ios Xe
Version 16.3.3

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-399
CWE-399

References (6)

Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.