A vulnerability in the Secure Shell Version 2 (SSHv2) protocol of Cisco Aironet 1800 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization and an accumulation of SSHv2 connections.

The vulnerability is due to improper handling of incoming SSHv2 connections that do not complete properly. An attacker could exploit this vulnerability by sending a high number of crafted SSHv2 connections to an affected device. An exploit could allow the attacker to cause a DoS condition due to high CPU utilization and an accumulation of SSHv2 connections.

Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet

Leave a Reply