What is CVE-2017-12283?

CVE-2017-12283 is a medium-severity vulnerability in Cisco Aironet_3800e, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.1/10. Published 2017-11-02.

How severe is CVE-2017-12283?

Medium severity. CVSS v3 base score is 6.1 out of 10.

Buffer overflow in Cisco Aironet_3800e

CVE-2017-12283

A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denia…

Vulnerability class: Buffer Overflow

EPSS: 0.006 (42.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Aironet_3800e
Cisco Aironet_3800_firmware
Cisco Aironet_3800i
Cisco Aironet_3800p
N/a Cisco Aironet 3800 Series Access Points — versions Cisco Aironet 3800 Series Access Points

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-12283?: CVE-2017-12283 is a medium-severity vulnerability in Cisco Aironet_3800e, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.1/10. Published 2017-11-02.
How severe is CVE-2017-12283?: Medium severity. CVSS v3 base score is 6.1 out of 10.