CVE-2016-9194

Published Apr 6, 2017
Last updated 7 years ago
CVSS medium 6.5
Overview

Description: A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of the 802.11 WME packet header. An attacker could exploit this vulnerability by sending malformed 802.11 WME frames to a targeted device. A successful exploit could allow the attacker to cause the WLC to reload unexpectedly. The fixed versions are 8.0.140.0, 8.2.130.0, and 8.3.111.0. Cisco Bug IDs: CSCva86353.
Source: ykramarz@cisco.com
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 6.1
Impact score: 6.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:N/I:N/A:C
Weaknesses

nvd@nist.gov: CWE-399
ykramarz@cisco.com: CWE-399
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:5.2.157.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "906F9233-7DEF-4742-9AF3-50B6C231A9F7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:5.2.169.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BE9F19D-1701-40BC-A374-111B5F38BE46"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:6.0_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BD7A5C2-6354-449D-B715-2E9FFDD2E6FA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.0_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A1B0325-D287-4286-B7E9-DB148881D9E3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.1_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D547FB25-6486-4A77-99E6-C8F8EA9D5407"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.2_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FE090AB-88B8-4A42-9CED-FF54B2C812E0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.3.101.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1538A4DA-6D77-4289-B47C-9BE2C7BDC036"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.3.103.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04FDC2A1-F522-440B-9C5E-18729C0C34E0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.3.112:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE292FF9-9674-4251-9EF3-AD4A4F9CCC15"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.3_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0782064-881F-4ADB-880A-E005AFFE5ADC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C1E6716-BBDC-43FB-8016-10281E360049"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.4.100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E98435C2-EAD9-45BE-AE9A-CD1499F4239F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.4.100.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75473B22-A59F-471A-9DB8-8FA9FD504DC4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.4.110.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12FD9D8F-2E52-4CA9-94BD-65F8B1FF26C4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.4.121.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05AEADF2-9986-432A-8416-1D138C8C94D5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.4_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "246EDF05-FF4B-47FB-9A72-6417F239F0EB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.5.102.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2FE2157-DE6C-4002-A209-091457BFA7F9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.5.102.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3CB2EE4-565E-4EC0-978C-80738C5F8307"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.5_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED69F11C-153E-442B-8F7C-57961A25AAEB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.6.1.62:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3D30E7A-4B2C-4A1E-B52C-C209757829F3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.6.100.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB33D00D-7DCB-4150-9907-1365066F3767"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.6.110.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9051AFDE-A519-4701-9AD5-CBA7AEE46B0C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.6.120.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "354D3747-A6AB-41AA-8DD4-C17C0461EF7B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:7.6.130.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FE75C02-0E3E-4BA3-8E86-2FEA9EEB7E40"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6EA1478-B988-4DD7-A937-FB91FB0DEDB2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.0.0.30220.385:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B467125C-5491-4066-A35A-891B78AD0A53"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.0.72.140:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13FACACE-CF96-474D-BA3E-F289BD96CF6F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.0.100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E439FF8-91DE-43E9-BE65-59BCEC52F3BF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.0.115.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B798E5A-E108-4465-BD2B-A2F4ADFDB363"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.0.120.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97971195-3E04-4AC1-95BC-479CE2CAB389"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.0.121.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "031A8A69-4E46-4EE5-B0A8-0A74E7C66A95"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B00858F6-C0AD-4822-9990-E0126AB43EF6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.1.104.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6528ED0-853F-4475-AAD7-7F9B5E0DFE3B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.1.111.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B83E372-CFD8-4DDD-80F7-E3128D0C5E72"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.1.122.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7D5A815-BA48-43A5-8CD4-2E580B2CB0D0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller:8.1.130.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA6129F0-5195-41AC-AFF3-50518B1ADB9E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_6.0:182.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55746AD1-5C44-4144-BBE3-53F4D654E57A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_6.0:188.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A74E0159-DA37-4AC2-8AA3-D6FA83F0DFF4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_6.0:196.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B297FCF3-6FC4-4C0E-89A9-A760FF9A58CB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_6.0:199.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F40022CC-A0AB-47EA-B089-9A3E66E49727"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_6.0:202.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED3D92BC-3052-4B3E-8152-ACFC8B507D47"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.0:98.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AEC6779-072A-43F2-AD75-9056D783B99D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.0:98.218:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88D96498-EF62-4B8E-AB8A-E326A306D473"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.0:116.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BA2A940-A36F-4903-9A9D-DB0269D01C9F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.0:220.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "171F7669-64D7-4E1E-9766-86B5A1085B2E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.0:240.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCCD4C58-E8A6-470C-8324-CAD6F149C87F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.0:250.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97458DAB-1E88-4552-92D0-2C14B074E8C4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.0:252.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FB2040D-5969-48D8-89FE-53C30B1483A2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.1:91.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6075E464-5D78-492A-B85F-1C053E9B8CE9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.2:103.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38F12EF1-A79E-446F-8A31-E188FF1C6B7F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.4:1.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "225D1199-74C7-4AAB-A434-F03DE0D57539"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.4:1.54:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25A6025A-6BE3-4BCF-A884-2EE630752459"
          },
          {
            "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_7.4:140.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B13ACDA7-F6C8-42E9-8748-14730F4D06D2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
