CVE-2016-6363

CWE-119 — Buffer Overflow4 documents4 sources

Severity

6.5MEDIUM

EPSS

0.8%

top 25.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Aironet Access Point Software

Timeline

PublishedAug 22

Latest updateMay 17

Description

The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDcisco/aironet_access_point_software7 versions+6

🔴Vulnerability Details

GHSA

GHSA-xjfv-2mvv-4jqx: The rate-limit feature in the 802↗2022-05-17

▶

CVEList

CVE-2016-6363: The rate-limit feature in the 802↗2016-08-22

▶

📋Vendor Advisories

Cisco

Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms 802.11 Protocol Denial of Service Vulnerability↗2016-08-17

▶