CVE-2021-1439

A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS traffic. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device through a wireless network that is configured in FlexConnect local switching mode or through a wired network on a configured mDNS VLAN. A successful exploit could allow the attacker to cause the access point (AP) to reboot, resulting in a DoS condition.

Severity	HIGH
CVSS	7.4
CWE	CWE-120
KEV
Published	5 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-aironet-mdns-dos-E6KwYuMx
Cisco Nexus Dashboard	cisco-sa-aironet-mdns-dos-E6KwYuMx
Cisco Meraki MX security and SD-WAN appliances	cisco-sa-aironet-mdns-dos-E6KwYuMx
Cisco IOS XE Software	cisco-sa-aironet-mdns-dos-E6KwYuMx
Cisco IOS Software	cisco-sa-aironet-mdns-dos-E6KwYuMx
Cisco Aironet Access Point Software (IOS XE Controller)	cisco-sa-aironet-mdns-dos-E6KwYuMx
Cisco Aironet Access Point Software	cisco-sa-aironet-mdns-dos-E6KwYuMx