A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that VLAN. The vulnerability is due to a logic error when processing specific link-local IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that would flow inbound through the wired interface of an affected device. A successful exploit could allow the attacker to cause traffic drops in the affected VLAN, thus triggering the DoS condition.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-ipv6-dos-NMYeCnZv | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-09-22 20:15
Updated : 2021-10-13 05:57
NVD link : CVE-2021-34767
Mitre link : CVE-2021-34767
JSON object : View
CWE
CWE-670
Always-Incorrect Control Flow Implementation
Products Affected
cisco
- catalyst_9800_embedded_wireless_controller
- catalyst_9800-80
- catalyst_9800-l-f
- catalyst_9800-cl
- ios_xe
- catalyst_9800-l
- catalyst_9800-l-c
- catalyst_9800-40
- catalyst_9800