Cisco: >> Catalyst 9800-Cl Security Vulnerabilities
A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DHCP messages. An attacker could exploit this vulnerability by sending malicious DHCP messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
CVSS Score
8.6
EPSS Score
0.003
Published
2022-09-30
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
CVSS Score
8.6
EPSS Score
0.004
Published
2022-09-30
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To exploit this vulnerability, an attacker must have valid Administrator privileges on the affected device.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-30
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point. This vulnerability is due to improper checks throughout the restart of certain system processes. An attacker could exploit this vulnerability by logging on to an affected device and executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS as root. To successfully exploit this vulnerability, an attacker would need valid credentials for a privilege level 15 user of the wireless controller.
CVSS Score
7.9
EPSS Score
0.001
Published
2022-09-30
A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insufficient restrictions that allow a sensitive configuration detail to be disclosed. An attacker could exploit this vulnerability by retrieving data through SNMP read-only community access. A successful exploit could allow the attacker to view Service Set Identifier (SSID) preshared keys (PSKs) that are configured on the affected device.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-09-30
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
5.5
EPSS Score
0.002
Published
2022-04-15
A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that VLAN. The vulnerability is due to a logic error when processing specific link-local IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that would flow inbound through the wired interface of an affected device. A successful exploit could allow the attacker to cause traffic drops in the affected VLAN, thus triggering the DoS condition.
CVSS Score
7.4
EPSS Score
0.001
Published
2021-09-23
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit the vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.
CVSS Score
8.6
EPSS Score
0.002
Published
2021-09-23
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit the vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.
CVSS Score
8.6
EPSS Score
0.002
Published
2021-09-23
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs during the validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the affected device to crash and reload, resulting in a DoS condition.
CVSS Score
10.0
EPSS Score
0.009
Published
2021-09-23