CVE-2016-6375

CWE-3994 documents4 sources

Severity

5.3MEDIUM

EPSS

0.3%

top 48.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Wireless LAN Controller Software Cisco Wireless LAN Controller Software 6.0 Cisco Wireless LAN Controller Software 7.0 +3 more

Timeline

PublishedSep 12

Latest updateMay 14

Description

Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by sending crafted Inter-Access Point Protocol (IAPP) packets and then sending a traffic stream metrics (TSM) information request over SNMP, aka Bug ID CSCuz40221.

CVSS vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 1.6 | Impact: 3.6

Affected Packages6 packages

▶NVDcisco/wireless_lan_controller_software78 versions+77

▶NVDcisco/wireless_lan_controller_software_6.05 versions+4

▶NVDcisco/wireless_lan_controller_software_7.07 versions+6

▶NVDcisco/wireless_lan_controller_software_7.191.0

▶NVDcisco/wireless_lan_controller_software_7.2103.0

🔴Vulnerability Details

GHSA

GHSA-gx3q-vm7v-ccv8: Cisco Wireless LAN Controller (WLC) devices before 8↗2022-05-14

▶

CVEList

CVE-2016-6375: Cisco Wireless LAN Controller (WLC) devices before 8↗2016-09-12

▶

📋Vendor Advisories

Cisco

Cisco Wireless LAN Controller TSM SNMP Denial of Service Vulnerability↗2016-08-31

▶