CVE-2021-34740 - Vulnerability Details

CVE-2021-34740 - Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Cisco	1100-4g\/6g Integrated Services Router 1100-4p Integrated Services Router 1100-8p Integrated Services Router 1100 Integrated Services Router 1101-4p Integrated Services Router 1101 Integrated Services Router 1109-2p Integrated Services Router 1109-4p Integrated Services Router 1109 Integrated Services Router 1111x-8p Integrated Services Router 1111x Integrated Services Router 111x Integrated Services Router 1120 Integrated Services Router 1160 Integrated Services Router 6300 Series Access Points Aironet 1540 Aironet 1542d Aironet 1542i Aironet 1560 Aironet 1562d Aironet 1562e Aironet 1562i Aironet 1800 Aironet 1800i Aironet 1810 Aironet 1810w Aironet 1815 Aironet 1815i Aironet 1830 Aironet 1830e Aironet 1830i Aironet 1840 Aironet 1850 Aironet 1850e Aironet 1850i Aironet 2800 Aironet 2800e Aironet 2800i Aironet 3800 Aironet 3800e Aironet 3800i Aironet 3800p Aironet 4800 Aironet Access Point Software Catalyst 9100 Catalyst 9105 Catalyst 9105axi Catalyst 9105axw Catalyst 9115 Catalyst 9115 Ap Catalyst 9115axe Catalyst 9115axi Catalyst 9117 Catalyst 9117 Ap Catalyst 9117axi Catalyst 9120 Catalyst 9120 Ap Catalyst 9120axe Catalyst 9120axi Catalyst 9120axp Catalyst 9124 Catalyst 9124axd Catalyst 9124axi Catalyst 9130 Catalyst 9130 Ap Catalyst 9130axe Catalyst 9130axi Catalyst Iw6300 Catalyst Iw6300 Ac Catalyst Iw6300 Dc Catalyst Iw6300 Dcw

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:aironet_access_point_software::::::::
	cpe:2.3:o:cisco:aironet_access_point_software:17.2:::::::*
	cpe:2.3:o:cisco:aironet_access_point_software:17.3:::::::*

OR	cpe:2.3:h:cisco:1100-4g\/6g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:111x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:6300_series_access_points:-:::::::*
	cpe:2.3:h:cisco:aironet_1540:-:::::::*
	cpe:2.3:h:cisco:aironet_1542d:-:::::::*
	cpe:2.3:h:cisco:aironet_1542i:-:::::::*
	cpe:2.3:h:cisco:aironet_1560:-:::::::*
	cpe:2.3:h:cisco:aironet_1562d:-:::::::*
	cpe:2.3:h:cisco:aironet_1562e:-:::::::*
	cpe:2.3:h:cisco:aironet_1562i:-:::::::*
	cpe:2.3:h:cisco:aironet_1800:-:::::::*
	cpe:2.3:h:cisco:aironet_1800i:-:::::::*
	cpe:2.3:h:cisco:aironet_1810:-:::::::*
	cpe:2.3:h:cisco:aironet_1810w:-:::::::*
	cpe:2.3:h:cisco:aironet_1815:-:::::::*
	cpe:2.3:h:cisco:aironet_1815i:-:::::::*
	cpe:2.3:h:cisco:aironet_1830:-:::::::*
	cpe:2.3:h:cisco:aironet_1830e:-:::::::*
	cpe:2.3:h:cisco:aironet_1830i:-:::::::*
	cpe:2.3:h:cisco:aironet_1840:-:::::::*
	cpe:2.3:h:cisco:aironet_1850:-:::::::*
	cpe:2.3:h:cisco:aironet_1850e:-:::::::*
	cpe:2.3:h:cisco:aironet_1850i:-:::::::*
	cpe:2.3:h:cisco:aironet_2800:-:::::::*
	cpe:2.3:h:cisco:aironet_2800e:-:::::::*
	cpe:2.3:h:cisco:aironet_2800i:-:::::::*
	cpe:2.3:h:cisco:aironet_3800:-:::::::*
	cpe:2.3:h:cisco:aironet_3800e:-:::::::*
	cpe:2.3:h:cisco:aironet_3800i:-:::::::*
	cpe:2.3:h:cisco:aironet_3800p:-:::::::*
	cpe:2.3:h:cisco:aironet_4800:-:::::::*
	cpe:2.3:h:cisco:catalyst_9100:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105axw:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115axe:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axe:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axp:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124axd:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130_ap:-:::::::*
cpe:2.3:h:cisco:catalyst_9130axe:-:::::::*
cpe:2.3:h:cisco:catalyst_9130axi:-:::::::*
cpe:2.3:h:cisco:catalyst_iw6300:-:::::::*
cpe:2.3:h:cisco:catalyst_iw6300_ac:-:::::::*
cpe:2.3:h:cisco:catalyst_iw6300_dc:-:::::::*
cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:::::::*

No data.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL

History

Thu, 07 Nov 2024 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2021-09-23T02:26:41.933546Z

Updated: 2024-11-07T21:58:19.967Z

Reserved: 2021-06-15T00:00:00

Link: CVE-2021-34740

Vulnrichment

Updated: 2024-08-04T00:19:48.125Z

NVD

Status : Modified

Published: 2021-09-23T03:15:19.947

Modified: 2024-11-21T06:11:05.760

Link: CVE-2021-34740

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco Aironet Access Point Software", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2021-09-22T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-401", "description": "CWE-401", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-23T02:26:41", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"}], "source": {"advisory": "cisco-sa-airo-wpa-pktleak-dos-uSTyGrL", "defect": [["CSCvu98674"]], "discovery": "INTERNAL"}, "title": "Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-09-22T16:00:00", "ID": "CVE-2021-34740", "STATE": "PUBLIC", "TITLE": "Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Aironet Access Point Software", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "7.4", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-401"}]}]}, "references": {"reference_data": [{"name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"}]}, "source": {"advisory": "cisco-sa-airo-wpa-pktleak-dos-uSTyGrL", "defect": [["CSCvu98674"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:19:48.125Z"}, "title": "CVE Program Container", "references": [{"name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-07T21:40:33.671746Z", "id": "CVE-2021-34740", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T21:58:19.967Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-34740", "datePublished": "2021-09-23T02:26:41.933546Z", "dateReserved": "2021-06-15T00:00:00", "dateUpdated": "2024-11-07T21:58:19.967Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL", "name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:19:48.125Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-34740", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-07T21:40:33.671746Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T21:41:22.089Z"}}], "cna": {"title": "Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "source": {"defect": [["CSCvu98674"]], "advisory": "cisco-sa-airo-wpa-pktleak-dos-uSTyGrL", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Aironet Access Point Software", "versions": [{"status": "affected", "version": "n/a"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "datePublic": "2021-09-22T00:00:00", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL", "name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-401", "description": "CWE-401"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2021-09-23T02:26:41"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "7.4", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}}, "source": {"defect": [["CSCvu98674"]], "advisory": "cisco-sa-airo-wpa-pktleak-dos-uSTyGrL", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "Cisco Aironet Access Point Software"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL", "name": "20210922 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-401"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-34740", "STATE": "PUBLIC", "TITLE": "Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-09-22T16:00:00"}}}}, "cveMetadata": {"cveId": "CVE-2021-34740", "state": "PUBLISHED", "dateUpdated": "2024-11-07T21:58:19.967Z", "dateReserved": "2021-06-15T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2021-09-23T02:26:41.933546Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "2688A8E4-F734-4353-889C-D4346F838AD3", "versionEndExcluding": "8.10.162.0", "versionStartIncluding": "8.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:17.2:*:*:*:*:*:*:*", "matchCriteriaId": "58FD0CE4-DF50-41B9-9ED5-049585DA8E46", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:aironet_access_point_software:17.3:*:*:*:*:*:*:*", "matchCriteriaId": "C9C881D9-8270-4413-B762-33E9661FC407", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:6300_series_access_points:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E6F57DE-E039-49D7-B240-48CBD9CACD6C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*", "matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*", "matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*", "matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*", "matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*", "matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*", "matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*", "matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*", "matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1830:-:*:*:*:*:*:*:*", "matchCriteriaId": "093AB3A8-853B-4094-BFB5-6A8775AAA8D3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*", "matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*", "matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1840:-:*:*:*:*:*:*:*", "matchCriteriaId": "A69CA9D6-914D-436F-AA81-B218CC312D29", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1850:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE0B76A8-377E-4176-8F04-B0D468D4E767", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*", "matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*", "matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*", "matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*", "matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*", "matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*", "matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*", "matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*", "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*", "matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*", "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*", "matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*", "matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*", "matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*", "matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*", "matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*", "matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*", "matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*", "matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n WLAN Control Protocol (WCP) para Cisco Aironet Access Point (AP) software podr\u00eda permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido al manejo incorrecto de errores cuando un dispositivo afectado recibe una trama 802.11 inesperada. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de determinadas tramas 802.11 a trav\u00e9s de la red inal\u00e1mbrica a una interfaz de un AP afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un filtrado de b\u00fafer de paquetes. Esto podr\u00eda resultar eventualmente en fallos en la asignaci\u00f3n del b\u00fafer, lo que desencadenar\u00eda una recarga del dispositivo afectado"}], "id": "CVE-2021-34740", "lastModified": "2024-11-21T06:11:05.760", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-09-23T03:15:19.947", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object