—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Cisco Security Advisory: Cisco IOS XE Wireless Controller Manager Denial of Service Vulnerability
Advisory ID: cisco-sa-20170927-ios-xe
Revision: 1.0
For Public Release: 2017 September 27 16:00 GMT
Last Updated: 2017 September 27 16:00 GMT
CVE ID(s): CVE-2017-12222
CVSS Score v(3): 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
+———————————————————————
Summary
=======
A vulnerability in the wireless controller manager of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service (DoS) condition.
The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted association request. An exploit could allow the attacker to cause the switch to restart.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-ios-xe [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-ios-xe”]
—–BEGIN PGP SIGNATURE—–
iQKBBAEBAgBrBQJZy82YZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHmVMQ/+IDHxs96SuyF0q2z5
AUfbMI98O7YpJ8Lsx16pcSsQMFi431EKEIpaHfnKkLK2pOTutoclwH8bvGRYbVnX
PnoK1OwmvCPhpN79XlewF/jfXt1l7tYevpqIlaE3qwP7DLKLoEJXMH6JYnmQOoeq
pufV+Nb+I6pE/VnbWG+J8z3TKjj1+ZkS27YcZ8UKKMwVrbKRC+2DLEWeO2HTtBYq
0WUNTQVzV9MCdAOZ0008e00gf83mRgEWTiO65bLF2M8K1C1SM6RMbbJSxiQ7/J9U
sXgBsQ9pe9GATsqsiXhGfWou9yCMhBbU6GUyCZQSCMNf4kr7VNDhtBkw8LxLsTU+
SjGXtLA/UjN0RCXj9orf3l/LYUw5K/S6jw8sgegeoKNs0YB5W9IoQYu5ABaXWzqh
y5hLs7aRCQv6MxCEek0S6oNklUi9j4aabyk4RFQBhRQtBYtxQX6GVhE0t4KJu1hM
IfvhYIPieHvuw3daUhFkHkXGVO8/dSOLWOJxD4p24kmzkfZTIZ3z0ymhb+8xbp0O
Khr7HXKcUeZp2xE7oROWEmnD9mclWH/oCIg4qd6WyBYmghb4LAR2WvnK9fbDb3a+
Txh6osYbWYMKWBBjOn3IePsbyy+5AIWNdHc3CnE+tNsFB/TILaufCm8LAxLfZYR4
8WTJtX8eFDMlI8EXQyQfYS/Gbno=
=4o4V
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com