CVE-2017-12222
Description
A vulnerability in the wireless controller manager of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted association request. An exploit could allow the attacker to cause the switch to restart. This vulnerability affects Cisco Catalyst 3650 and 3850 switches running IOS XE Software versions 16.1 through 16.3.3, and acting as wireless LAN controllers (WLC). Cisco Bug IDs: CSCvd45069.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.256
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco IOS XE Wireless Controller Manager Denial of Service Vulnerability For Cisco Catalyst 3650 Series Switches | NCM |
| Improper Input Validation Vulnerability (CVE-2017-12222) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1705832 | Security Update for Cisco Catalyst 3650 Series Switches Everest-16.5.1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234