CISCO : Cisco Wireless LAN Controller TSM SNMP Denial of Service Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.106218

Categoría: CISCO

Título: Cisco Wireless LAN Controller TSM SNMP Denial of Service Vulnerability

Resumen: A vulnerability in the traffic stream metrics (TSM) implemented with the;Inter-Access Point Protocol (IAPP) of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated,;adjacent attacker to cause a denial of service (DoS) condition because the process on the WLC unexpectedly;restarts.

Descripción: Summary:
A vulnerability in the traffic stream metrics (TSM) implemented with the
Inter-Access Point Protocol (IAPP) of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated,
adjacent attacker to cause a denial of service (DoS) condition because the process on the WLC unexpectedly
restarts.

Vulnerability Insight:
The occurs when an SNMP request for TSM information is received. An
attacker could exploit this vulnerability by sending crafted IAPP packets followed by an SNMP request for
TSM information to the targeted device.

Vulnerability Impact:
An exploit could allow the attacker to cause a DoS condition when the
WLC unexpectedly restarts.

Affected Software/OS:
All versions of Cisco Wireless LAN Controller prior to the first fixed
versions of 8.0.140, 8.2.121.0, and 8.3.102.0.

Solution:
Cisco has released software updates that address this vulnerability.

CVSS Score:
5.7

CVSS Vector:
AV:A/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-6375
BugTraq ID: 92712
http://www.securityfocus.com/bid/92712
Cisco Security Advisory: 20160831 Cisco Wireless LAN Controller TSM SNMP Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-wlc-1
http://www.securitytracker.com/id/1036721

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.106218
Categoría:	CISCO
Título:	Cisco Wireless LAN Controller TSM SNMP Denial of Service Vulnerability
Resumen:	A vulnerability in the traffic stream metrics (TSM) implemented with the;Inter-Access Point Protocol (IAPP) of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated,;adjacent attacker to cause a denial of service (DoS) condition because the process on the WLC unexpectedly;restarts.
Descripción:	Summary: A vulnerability in the traffic stream metrics (TSM) implemented with the Inter-Access Point Protocol (IAPP) of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition because the process on the WLC unexpectedly restarts. Vulnerability Insight: The occurs when an SNMP request for TSM information is received. An attacker could exploit this vulnerability by sending crafted IAPP packets followed by an SNMP request for TSM information to the targeted device. Vulnerability Impact: An exploit could allow the attacker to cause a DoS condition when the WLC unexpectedly restarts. Affected Software/OS: All versions of Cisco Wireless LAN Controller prior to the first fixed versions of 8.0.140, 8.2.121.0, and 8.3.102.0. Solution: Cisco has released software updates that address this vulnerability. CVSS Score: 5.7 CVSS Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6375 BugTraq ID: 92712 http://www.securityfocus.com/bid/92712 Cisco Security Advisory: 20160831 Cisco Wireless LAN Controller TSM SNMP Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-wlc-1 http://www.securitytracker.com/id/1036721
Copyright	Copyright (C) 2016 Greenbone Networks GmbH