漏洞标题
N/A
漏洞描述信息
Cisco Aironet 3800 Series 授权管理器模块对802.11w Protected Management Frames(PAF)的处理中存在的漏洞可能导致未授权的相邻攻击者终止对受影响设备的合法用户连接,即拒绝服务。该漏洞的存在是因为受影响的设备未能正确验证它接收的802.11w PAF脱离和脱密钥 frames。攻击者可以通过从相邻网络中 valid, authenticated 客户端发送一个伪造的802.11w PAF frame来利用此漏洞。一个成功的漏洞利用可能导致攻击者终止受影响设备的单个合法用户连接。该漏洞影响配置在 FlexConnect 模式下运行的授权管理器模块。Cisco Bug ID: CSCvc20627。
CVSS信息
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denial of Service. The vulnerability exists because the affected device does not properly validate 802.11w PAF disassociation and deauthentication frames that it receives. An attacker could exploit this vulnerability by sending a spoofed 802.11w PAF frame from a valid, authenticated client on an adjacent network to an affected device. A successful exploit could allow the attacker to terminate a single valid user connection to the affected device. This vulnerability affects Access Points that are configured to run in FlexConnect mode. Cisco Bug IDs: CSCvc20627.
CVSS信息
N/A
漏洞类别
内存缓冲区边界内操作的限制不恰当
漏洞标题
Cisco Aironet 3800 Series Access Points 安全漏洞
漏洞描述信息
Cisco Aironet 3800 Series Access Points是美国思科(Cisco)公司的一套无线访问接入点设备。802.11w Protected Management Frames(PAF)是其中的一个帧加密保护组件。 Cisco Aironet 3800 Series Access Points中802.11w PAF的处理存在拒绝服务漏洞,该漏洞源于程序没有正确的验证接收到的802.11w PAF解除关联和解除认证帧。攻击者可借助临近网络上已认证的有效客户端向受影响的设备发送伪造
CVSS信息
N/A
漏洞类别
缓冲区错误