CVE-2015-4215

Name of the Vulnerable Software and Affected Versions Cisco Wireless LAN Controller versions 7.5(102.0) through 7.6(1.62)

Description The issue is related to errors in resource management, allowing remote attackers to cause a denial of service by triggering an exception during attempted forwarding of unspecified IPv6 packets to a non-IPv6 device. An unauthenticated, adjacent attacker could exploit this by sending a certain class of IPv6 traffic to an affected device, causing it to crash. The attacker must be on the same broadcast or collision domain as the targeted device.

Recommendations For versions 7.5(102.0) and 7.6(1.62), update to a newer version that includes the fix for this issue, as software updates have been released by Cisco. As a temporary workaround, consider restricting IPv6 traffic to devices that are configured for IPv6 to minimize the risk of exploitation.