Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to inadequate input validation of incoming CAPWAP packets encapsulating multicast DNS (mDNS) queries. An attacker could exploit this vulnerability by connecting to a wireless network and sending a crafted mDNS query, which would flow through and be processed by the wireless controller. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
未检查返回值导致空指针解引用
Vulnerability Title
Cisco IOS XE Wireless Controller software 代码问题漏洞
Vulnerability Description
Cisco IOS XE Wireless Controller software是美国思科(Cisco)公司的一个无线局域网控制器。提供一个管理网络功能 Cisco IOS XE Wireless Controller software 存在代码问题漏洞,该漏洞源于攻击者可以通过 CAPWAP 导致 Cisco IOS XE 的致命错误,以触发拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A