CVE-2021-34740

CWE-401Memory Leak4 documents4 sources
Severity
7.4HIGH
EPSS
0.1%
top 72.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Aironet Access Point SoftwareCisco Cisco Aironet Access Point Software
Timeline
PublishedSep 23
Latest updateMay 24

Description

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affecte

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 2.8 | Impact: 4.0

Affected Packages2 packages

NVDcisco/aironet_access_point_software8.10.08.10.162.0+2

🔴Vulnerability Details

2
GHSA
GHSA-8j6f-39hh-f4v6: A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacen2022-05-24
CVEList
Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability2021-09-23

📋Vendor Advisories

1
Cisco
Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability2021-09-22
CVE-2021-34740 (HIGH CVSS 7.4) | A vulnerability in the WLAN Control | cvebase.io