cisco-sa-20151113-aironet

Cisco Aironet 1800 Series Access Point SSHv2 Denial of Service Vulnerability

cisco-sa-20151113-aironet · Medium · Published 10 years ago · Updated 10 years ago

A vulnerability in the Secure Shell Version 2 (SSHv2) protocol of Cisco Aironet 1800 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization and an accumulation of SSHv2 connections. The vulnerability is due to improper handling of incoming SSHv2 connections that do not complete properly. An attacker could exploit this vulnerability by sending a high number of crafted SSHv2 connections to an affected device. An exploit could allow the attacker to cause a DoS condition due to high CPU utilization and an accumulation of SSHv2 connections. Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that mitigate this vulnerability.

CVEs	CVE-2015-6367
Cisco Bug IDs	CSCux13374
CVSS Score	Base 5.0 Base 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:U/RC:C
Product Names From Source	Cisco Aironet Access Point Software

Related Products

Product	CVE	Evidence

Vulnslist

find the latest Cisco vulnerabilities

Cisco Aironet 1800 Series Access Point SSHv2 Denial of Service Vulnerability

Workarounds

Related Products