A vulnerability in the Simple Network Management Protocolnbsp;(SNMP) subsystem of Cisconbsp;Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of servicenbsp;(DoS) condition.

The vulnerability is due to a memory leak that occurs on an affected device after the device fails to deallocate a buffer that is used when certain MIBs are polled.

An attacker who knows the SNMP Version 2 SNMP Read string or has valid SNMP Version 3 credentials for an affected device could repeatedly poll the affected MIB object IDsnbsp;(OIDs) and consume available memory on the device. When memory is sufficiently depleted on the device, the device will restart, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc1

Security Impact Rating: High

CVE: CVE-2017-12278

Leave a Reply