OpenCVE

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:A/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Cisco	1100-4g\/6g Integrated Services Router 1100-4p Integrated Services Router 1100-8p Integrated Services Router 1100 Integrated Services Router 1101-4p Integrated Services Router 1101 Integrated Services Router 1109-2p Integrated Services Router 1109-4p Integrated Services Router 1109 Integrated Services Router 1111x-8p Integrated Services Router 1111x Integrated Services Router 111x Integrated Services Router 1120 Integrated Services Router 1160 Integrated Services Router 6300 Series Access Points Aironet 1540 Aironet 1542d Aironet 1542i Aironet 1560 Aironet 1562d Aironet 1562e Aironet 1562i Aironet 1800 Aironet 1800i Aironet 1810 Aironet 1810w Aironet 1815 Aironet 1815i Aironet 1830 Aironet 1830e Aironet 1830i Aironet 1840 Aironet 1850 Aironet 1850e Aironet 1850i Aironet 2800 Aironet 2800e Aironet 2800i Aironet 3800 Aironet 3800e Aironet 3800i Aironet 3800p Aironet 4800 Aironet Access Point Software Catalyst 9100 Catalyst 9105 Catalyst 9105axi Catalyst 9105axw Catalyst 9115 Catalyst 9115 Ap Catalyst 9115axe Catalyst 9115axi Catalyst 9117 Catalyst 9117 Ap Catalyst 9117axi Catalyst 9120 Catalyst 9120 Ap Catalyst 9120axe Catalyst 9120axi Catalyst 9120axp Catalyst 9124 Catalyst 9124axd Catalyst 9124axi Catalyst 9130 Catalyst 9130 Ap Catalyst 9130axe Catalyst 9130axi Catalyst Iw6300 Catalyst Iw6300 Ac Catalyst Iw6300 Dc Catalyst Iw6300 Dcw

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:aironet_access_point_software::::::::
	cpe:2.3:o:cisco:aironet_access_point_software:17.2:::::::*
	cpe:2.3:o:cisco:aironet_access_point_software:17.3:::::::*

OR	cpe:2.3:h:cisco:1100-4g\/6g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:111x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:6300_series_access_points:-:::::::*
	cpe:2.3:h:cisco:aironet_1540:-:::::::*
	cpe:2.3:h:cisco:aironet_1542d:-:::::::*
	cpe:2.3:h:cisco:aironet_1542i:-:::::::*
	cpe:2.3:h:cisco:aironet_1560:-:::::::*
	cpe:2.3:h:cisco:aironet_1562d:-:::::::*
	cpe:2.3:h:cisco:aironet_1562e:-:::::::*
	cpe:2.3:h:cisco:aironet_1562i:-:::::::*
	cpe:2.3:h:cisco:aironet_1800:-:::::::*
	cpe:2.3:h:cisco:aironet_1800i:-:::::::*
	cpe:2.3:h:cisco:aironet_1810:-:::::::*
	cpe:2.3:h:cisco:aironet_1810w:-:::::::*
	cpe:2.3:h:cisco:aironet_1815:-:::::::*
	cpe:2.3:h:cisco:aironet_1815i:-:::::::*
	cpe:2.3:h:cisco:aironet_1830:-:::::::*
	cpe:2.3:h:cisco:aironet_1830e:-:::::::*
	cpe:2.3:h:cisco:aironet_1830i:-:::::::*
	cpe:2.3:h:cisco:aironet_1840:-:::::::*
	cpe:2.3:h:cisco:aironet_1850:-:::::::*
	cpe:2.3:h:cisco:aironet_1850e:-:::::::*
	cpe:2.3:h:cisco:aironet_1850i:-:::::::*
	cpe:2.3:h:cisco:aironet_2800:-:::::::*
	cpe:2.3:h:cisco:aironet_2800e:-:::::::*
	cpe:2.3:h:cisco:aironet_2800i:-:::::::*
	cpe:2.3:h:cisco:aironet_3800:-:::::::*
	cpe:2.3:h:cisco:aironet_3800e:-:::::::*
	cpe:2.3:h:cisco:aironet_3800i:-:::::::*
	cpe:2.3:h:cisco:aironet_3800p:-:::::::*
	cpe:2.3:h:cisco:aironet_4800:-:::::::*
	cpe:2.3:h:cisco:catalyst_9100:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105axw:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115axe:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axe:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axp:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124axd:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130_ap:-:::::::*
cpe:2.3:h:cisco:catalyst_9130axe:-:::::::*
cpe:2.3:h:cisco:catalyst_9130axi:-:::::::*
cpe:2.3:h:cisco:catalyst_iw6300:-:::::::*
cpe:2.3:h:cisco:catalyst_iw6300_ac:-:::::::*
cpe:2.3:h:cisco:catalyst_iw6300_dc:-:::::::*
cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:::::::*

No data.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL

History

Thu, 07 Nov 2024 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2021-09-23T02:26:41.933546Z

Updated: 2024-11-07T21:58:19.967Z

Reserved: 2021-06-15T00:00:00

Link: CVE-2021-34740

Vulnrichment

Updated: 2024-08-04T00:19:48.125Z

NVD

Status : Modified

Published: 2021-09-23T03:15:19.947

Modified: 2023-11-07T03:36:16.250

Link: CVE-2021-34740

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object