CVE-2016-6375

Name of the Vulnerable Software and Affected Versions Cisco Wireless LAN Controller (WLC) versions 8.0.0 through 8.0.139.0 Cisco Wireless LAN Controller (WLC) versions 8.1.x Cisco Wireless LAN Controller (WLC) versions 8.2.x through 8.2.119.0 Cisco Wireless LAN Controller (WLC) versions 8.3.x through 8.3.101.0

Description A denial of service condition can be caused by sending crafted Inter-Access Point Protocol (IAPP) packets and then sending a traffic stream metrics (TSM) information request over Simple Network Management Protocol (SNMP). This can cause the device to reload. An unauthenticated, adjacent attacker can exploit this issue by sending crafted IAPP packets followed by an SNMP request for TSM information.

Recommendations For versions 8.0.0 through 8.0.139.0, update to version 8.0.140.0 or later. For versions 8.1.x, update to version 8.2.121.0 or later. For versions 8.2.x through 8.2.119.0, update to version 8.2.121.0 or later. For versions 8.3.x through 8.3.101.0, update to version 8.3.102.0 or later.