Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.2
CVSSv2

CVE-2017-12278

Published: 02/11/2017 Updated: 09/10/2019
CVSS v2 Base Score: 5.2 | Impact Score: 6.9 | Exploitability Score: 4.4
CVSS v3 Base Score: 6.3 | Impact Score: 4 | Exploitability Score: 1.8
VMScore: 463
Vector: AV:A/AC:M/Au:S/C:N/I:N/A:C
Subscribe to Wireless Lan Controller Software

Vulnerability Summary

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote malicious user to cause an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory leak that occurs on an affected device after the device fails to deallocate a buffer that is used when certain MIBs are polled. An attacker who knows the SNMP Version 2 SNMP Read string or has valid SNMP Version 3 credentials for an affected device could repeatedly poll the affected MIB object IDs (OIDs) and consume available memory on the device. When memory is sufficiently depleted on the device, the device will restart, resulting in a DoS condition. Cisco Bug IDs: CSCvc71674.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco wireless_lan_controller_software -

Vendor Advisories

Cisco: Cisco Wireless LAN Controller Simple Network Management Protocol Memory Leak Denial of Service Vulnerability
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service (DoS) condition The vulnerability is due to a memory leak that occurs on an affected device after the device fails to de ...

References

CWE-772https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc1http://www.securitytracker.com/id/1039712http://www.securityfocus.com/bid/101642https://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook