CVE-2021-34740

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.

Severity	HIGH
CVSS	7.4
CWE	CWE-401
KEV
Published	4 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-airo-wpa-pktleak-dos-uSTyGrL
Cisco Nexus Dashboard	cisco-sa-airo-wpa-pktleak-dos-uSTyGrL
Cisco IOS XE Software	cisco-sa-airo-wpa-pktleak-dos-uSTyGrL
Cisco IOS Software	cisco-sa-airo-wpa-pktleak-dos-uSTyGrL
Cisco Aironet Access Point Software (IOS XE Controller)	cisco-sa-airo-wpa-pktleak-dos-uSTyGrL
Cisco Aironet Access Point Software	cisco-sa-airo-wpa-pktleak-dos-uSTyGrL