Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient input validation during CAPWAP packet processing. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device, resulting in a buffer over-read. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
缓冲区上溢读取
Vulnerability Title
Cisco IOS XE 缓冲区错误漏洞
Vulnerability Description
Cisco IOS和IOS XE都是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XE Cisco Catalyst 9800 Series Wireless Controllers 存在缓冲区错误漏洞,该漏洞源于无线接入点(CAPWAP)协议处理和控制中的漏洞在CAPWAP数据包处理期间输入验证不足所致。攻击者可利用该漏洞通过将精心制作的CAPWAP数据包发送到受影响的设备。
CVSS Information
N/A
Vulnerability Type
N/A