CVE-2021-34740
7.4
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 4.0
Source: NVD
Description
A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.
Affected (3)
Products: Cisco: Aironet Access Point Software
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 8.10.0 to 8.10.162.0 |
| Running on/with | Platform Versions |
|---|---|
Cisco 1100 4g/6g Integrated Services Router | All versions |
Cisco 1100 4p Integrated Services Router | All versions |
Cisco 1100 8p Integrated Services Router | All versions |
Cisco 1100 Integrated Services Router | All versions |
Cisco 1101 4p Integrated Services Router | All versions |
Cisco 1101 Integrated Services Router | All versions |
Cisco 1109 2p Integrated Services Router | All versions |
Cisco 1109 4p Integrated Services Router | All versions |
Cisco 1109 Integrated Services Router | All versions |
Cisco 1111x 8p Integrated Services Router | All versions |
Cisco 1111x Integrated Services Router | All versions |
Cisco 111x Integrated Services Router | All versions |
Cisco 1120 Integrated Services Router | All versions |
Cisco 1160 Integrated Services Router | All versions |
Cisco 6300 Series Access Points | All versions |
Cisco Aironet 1540 | All versions |
Cisco Aironet 1542d | All versions |
Cisco Aironet 1542i | All versions |
Cisco Aironet 1560 | All versions |
Cisco Aironet 1562d | All versions |
Cisco Aironet 1562e | All versions |
Cisco Aironet 1562i | All versions |
Cisco Aironet 1800 | All versions |
Cisco Aironet 1800i | All versions |
Cisco Aironet 1810 | All versions |
Cisco Aironet 1810w | All versions |
Cisco Aironet 1815 | All versions |
Cisco Aironet 1815i | All versions |
Cisco Aironet 1830 | All versions |
Cisco Aironet 1830e | All versions |
Cisco Aironet 1830i | All versions |
Cisco Aironet 1840 | All versions |
Cisco Aironet 1850 | All versions |
Cisco Aironet 1850e | All versions |
Cisco Aironet 1850i | All versions |
Cisco Aironet 2800 | All versions |
Cisco Aironet 2800e | All versions |
Cisco Aironet 2800i | All versions |
Cisco Aironet 3800 | All versions |
Cisco Aironet 3800e | All versions |
Cisco Aironet 3800i | All versions |
Cisco Aironet 3800p | All versions |
Cisco Aironet 4800 | All versions |
Cisco Catalyst 9100 | All versions |
Cisco Catalyst 9105 | All versions |
Cisco Catalyst 9105axi | All versions |
Cisco Catalyst 9105axw | All versions |
Cisco Catalyst 9115 | All versions |
Cisco Catalyst 9115 Ap | All versions |
Cisco Catalyst 9115axe | All versions |
Cisco Catalyst 9115axi | All versions |
Cisco Catalyst 9117 | All versions |
Cisco Catalyst 9117 Ap | All versions |
Cisco Catalyst 9117axi | All versions |
Cisco Catalyst 9120 | All versions |
Cisco Catalyst 9120 Ap | All versions |
Cisco Catalyst 9120axe | All versions |
Cisco Catalyst 9120axi | All versions |
Cisco Catalyst 9120axp | All versions |
Cisco Catalyst 9124 | All versions |
Cisco Catalyst 9124axd | All versions |
Cisco Catalyst 9124axi | All versions |
Cisco Catalyst 9130 | All versions |
Cisco Catalyst 9130 Ap | All versions |
Cisco Catalyst 9130axe | All versions |
Cisco Catalyst 9130axi | All versions |
Cisco Catalyst Iw6300 | All versions |
Cisco Catalyst Iw6300 Ac | All versions |
Cisco Catalyst Iw6300 Dc | All versions |
Cisco Catalyst Iw6300 Dcw | All versions |
References (2)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.