CVE-2016-9220

CWE-3994 documents4 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 71.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Aironet Access Point Software
Timeline
PublishedJan 26
Latest updateMay 17

Description

A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91).

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5cisco_mobility_express_2800_and_3800Cisco Mobility Express 2800 and 3800

🔴Vulnerability Details

2
GHSA
GHSA-c86h-r59x-c7j5: A Denial of Service Vulnerability in 8022022-05-17
CVEList
CVE-2016-9220: A Denial of Service Vulnerability in 8022017-01-26

📋Vendor Advisories

1
Cisco
Cisco Mobility Express 2800 and 3800 802.11 Denial of Service Vulnerability2017-01-18
CVE-2016-9220 (MEDIUM CVSS 4.3) | A Denial of Service Vulnerability i | cvebase.io