Cisco-SA-20151002-CVE-2015-6311

Cisco Wireless LAN Controller Devices 802.11i Management Frame Denial of Service Vulnerability

Cisco-SA-20151002-CVE-2015-6311 · Medium · Published 10 years ago · Updated 10 years ago

Cisco Wireless LAN Controller (WLC) devices contain a denial of service vulnerability that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to a failure to properly discard certain malformed values in an 802.11i management frame received from a wireless client. An attacker could trigger the vulnerability by submitting a crafted frame to an access point managed by the affected Cisco WLC. Cisco has confirmed the vulnerability and released software updates. To exploit this vulnerability, an attacker must be on the same broadcast or collision domain as the targeted device. This access requirement reduces the likelihood of a successful exploit. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Cisco advisory ·CSAF JSON

Workarounds

Administrators are advised to apply the appropriate updates.

Administrators are advised to allow only trusted users to have network access.

Administrators are advised to monitor affected systems.

CVEs	CVE-2015-6311
Cisco Bug IDs	NA
CVSS Score	Base 6.1 Base 6.1 AV:A/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
Product Names From Source	Cisco Wireless LAN Controller (WLC) 7.0.240.0, Cisco Wireless LAN Controller (WLC) 7.3.101.0, Cisco Wireless LAN Controller (WLC)

Related Products

Product	CVE	Evidence

Vulnslist

find the latest Cisco vulnerabilities

Cisco Wireless LAN Controller Devices 802.11i Management Frame Denial of Service Vulnerability

Workarounds

Related Products