Cisco Wireless LAN Controller (WLC) devices contain a denial of service vulnerability that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.
The vulnerability is due to a failure to properly discard certain malformed values in an 802.11i management frame received from a wireless client. An attacker could trigger the vulnerability by submitting a crafted frame to an access point managed by the affected Cisco WLC.
Cisco has confirmed the vulnerability and released software updates.
To exploit this vulnerability, an attacker must be on the same broadcast or collision domain as the targeted device. This access requirement reduces the likelihood of a successful exploit.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.