PT-2017-12453 · Cisco · Cisco Ios
Published
2017-11-02
·
Updated
2019-10-09
·
CVE-2017-12279
CVSS v2.0
3.3
Low
| Vector | AV:A/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco IOS Software for Cisco Aironet Access Points (affected versions not specified)
Description
A vulnerability in the packet processing code could allow an unauthenticated, adjacent attacker to retrieve content from memory on an affected device, leading to the disclosure of confidential information. This issue is due to insufficient condition checks when adding padding to egress packets. An attacker could exploit this by sending a crafted IP packet to an affected device, potentially allowing them to retrieve content from memory.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Ios