A vulnerability in the Simple Network Management Protocolnbsp;(SNMP) subsystem of Cisconbsp;Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of servicenbsp;(DoS) condition.
The vulnerability is due to a memory leak that occurs on an affected device after the device fails to deallocate a buffer that is used when certain MIBs are polled.
An attacker who knows the SNMP Version 2 SNMP Read string or has valid SNMP Version 3 credentials for an affected device could repeatedly poll the affected MIB object IDsnbsp;(OIDs) and consume available memory on the device. When memory is sufficiently depleted on the device, the device will restart, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
Security Impact Rating: High