CVE-2019-15264

Name of the Vulnerable Software and Affected Versions Cisco Aironet and Catalyst 9100 Access Points (APs) (affected versions not specified) Cisco Aironet Access Points (AP) series 1540, 1560, 1800, 2800, 3800, 4800 (affected versions not specified) Cisco Catalyst (affected versions not specified)

Description A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The issue is due to improper resource management during CAPWAP message processing. An attacker could exploit this by sending a high volume of legitimate wireless management frames within a short time to an affected device, causing it to restart and resulting in a DoS condition for clients associated with the AP.

Recommendations For Cisco Aironet and Catalyst 9100 Access Points (APs), consider implementing measures to limit the volume of wireless management frames processed within a short time to prevent exploitation. For Cisco Aironet Access Points (AP) series 1540, 1560, 1800, 2800, 3800, 4800 and Cisco Catalyst, restrict access to the CAPWAP protocol implementation to minimize the risk of exploitation until a fix is available. As a temporary workaround, consider disabling the CAPWAP message processing function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.