CVE-2016-6376

CWE-3994 documents4 sources

Severity

6.5MEDIUM

EPSS

0.3%

top 46.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Wireless LAN Controller Cisco Wireless LAN Controller 6.0 Cisco Wireless LAN Controller 7.0 +3 more

Timeline

PublishedSep 2

Latest updateMay 17

Description

The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device restart) via a malformed wIPS packet, aka Bug ID CSCuz40263.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages6 packages

▶NVDcisco/wireless_lan_controller78 versions+77

▶NVDcisco/wireless_lan_controller_6.05 versions+4

▶NVDcisco/wireless_lan_controller_7.07 versions+6

▶NVDcisco/wireless_lan_controller_7.191.0

▶NVDcisco/wireless_lan_controller_7.2103.0

🔴Vulnerability Details

GHSA

GHSA-4hmg-hvqw-h4p9: The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8↗2022-05-17

▶

CVEList

CVE-2016-6376: The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8↗2016-09-02

▶

📋Vendor Advisories

Cisco

Cisco Wireless LAN Controller wIPS Denial of Service Vulnerability↗2016-08-31

▶