PT-2009-5219 · Cisco · Cisco Aironet Lightweight Access Point

Published: 2009-08-27 · Updated: 2009-08-28 · CVE-2009-2861

CVSS v2.0: 7.3 (High)

Vector: AV:A/AC:M/Au:N/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Cisco Aironet Lightweight Access Point versions 1100 and 1200

Description

The issue concerns the Over-the-Air Provisioning (OTAP) functionality, which does not properly implement access-point association. This allows remote attackers to spoof a controller, resulting in a denial of service (service outage) via crafted remote radio management (RRM) packets.

Recommendations

For Cisco Aironet Lightweight Access Point versions 1100 and 1200, consider restricting access to the OTAP functionality to minimize the risk of exploitation. As a temporary workaround, limit the ability of remote attackers to send crafted RRM packets to the affected devices. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2009-2861

Affected Products

Cisco Aironet Lightweight Access Point