CVE-2021-1373

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers (affected versions not specified)

Description: A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.