CVE-2016-9194

CWE-3994 documents4 sources
Severity
6.5MEDIUM
EPSS
0.2%
top 59.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Cisco Wireless LAN ControllerCisco Wireless LAN Controller 6.0Cisco Wireless LAN Controller 7.0+3 more
Timeline
PublishedApr 6
Latest updateMay 17

Description

A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of the 802.11 WME packet header. An attacker could exploit this vulnerability by sending malformed 802.11 WME frames to a targeted device. A successful exploit could allow the attacker to cause the WLC to reload u

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages7 packages

CVEListV5cisco_wireless_lan_controllerCisco Wireless LAN Controller
NVDcisco/wireless_lan_controller36 versions+35

🔴Vulnerability Details

2
GHSA
GHSA-42rw-vphv-r65g: A vulnerability in 8022022-05-17
CVEList
CVE-2016-9194: A vulnerability in 8022017-04-06

📋Vendor Advisories

1
Cisco
Cisco Wireless LAN Controller 802.11 WME Denial of Service Vulnerability2017-04-05