Guest

Preview Tool

Cisco Bug: CSCuo12321 - Wireless LAN Controller CDP Denial of Service Vulnerability

Last Modified

Aug 11, 2015

Products (1)

  • Cisco 5500 Series Wireless Controllers

Known Affected Releases

7.5(102.0) 7.6(100.16) 7.6(110.0)

Description (partial)

Symptom:
A vulnerability in the Cisco Discovery Protocol (CDP) subsystem of Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition..

The vulnerability is due to a failure to properly check for certain NULL values present in a CDP packet. An attacker could exploit this vulnerability by by submitting crafted CDP requests to an affected device. The attacker would then need to convince a user to preform an SNMP poll of the affected MIB.. An attacker that can convince a user to preform an SNMP poll of the affected MIB could trigger a NULL Pointer error that results in a restart of the device.

This vulnerability affects versions 7.5, 7.6.100.0, and 7.6.110.0 only.

Conditions:
Cisco Wireless LAN Controller running an affected version of CDP software.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.