Guest

Preview Tool

Cisco Bug: CSCvs58795 - Cat3K 802.11v Basic Service Set Transition Management Denial of Service Vulnerability

Last Modified

Aug 25, 2020

Products (120)

  • Cisco Catalyst 3850 Series Switches
  • Cisco Catalyst 3650-24PD-E Switch
  • Cisco Catalyst 3850-48XS-E Switch
  • Cisco Catalyst 3650-24PDM-E Switch
  • Cisco Catalyst 3850-24U-S Switch
  • Cisco Catalyst 3850-24P-L Switch
  • Cisco Catalyst 3650-48FQ-E Switch
  • Cisco Catalyst 3850-48P-E Switch
  • Cisco Catalyst 3850-48XS-F-S Switch
  • Cisco Catalyst 3650-12X48UQ-L Switch
View all products in Bug Search Tool Login Required

Known Affected Releases

Denali-16.3.9

Description (partial)

Symptom:
A vulnerability in the implementation of 802.11v Basic Service Set (BSS) Transition Management functionality inCisco Catalyst 3850 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

The vulnerability is due to insufficient input validation of 802.11v BSS Transition Management Response packets that an affected device receives from wireless clients. An attacker could exploit this vulnerability by sending a malformed 802.11v BSS Transition Management Response packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload unexpectedly, resulting in a DoS condition.

Conditions:
This vulnerabilty applies to the Cisco Catalyst 3850 Series Switches and at the time of publication will be fixed in 16.3.10.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.