Improper input validation in Cisco Wireless_lan_controller
CVE-2016-9219
A vulnerability with IPv6 UDP ingress packet processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device. The vulnerability is due to incomplete IPv…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.030 (85.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Cisco Wireless_lan_controller
- Cisco Wireless_lan_controller_firmware — versions 8.2.121.0
- Cisco Wireless_lan_controller_software — versions 8.3.102.0
- N/a Cisco Wireless Lan Controller — versions Cisco Wireless LAN Controller
Weakness classification (CWE)
References
- psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
- psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
- psirt@cisco.com (vdb-entry, x_refsource_SECTRACK)
Frequently asked questions
- What is CVE-2016-9219?
- CVE-2016-9219 is a high-severity vulnerability in Cisco Wireless_lan_controller, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2017-04-06.
- How severe is CVE-2016-9219?
- High severity. CVSS v3 base score is 7.5 out of 10.