Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability

2020-09-2416:00:00

tools.cisco.com

cisco

ios xe

wireless controller

catalyst 9000

improper access control

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state.

The vulnerability is due to an incomplete access control list (ACL) being applied prior to RUN state. An attacker could exploit this vulnerability by connecting to the associated service set identifier (SSID) and sending ICMPv6 traffic. A successful exploit could allow the attacker to send ICMPv6 traffic prior to RUN state.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-icmpv6-qb9eYyCR [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-icmpv6-qb9eYyCR”]

Affected configurations

Vulners

Node

ciscocisco_ios_xe_softwareMatch16.11

ciscocisco_ios_xe_softwareMatch16.12

ciscocisco_ios_xe_softwareMatch17.1

ciscocisco_ios_xe_softwareMatchany

ciscocisco_ios_xe_softwareMatch16.11.1

ciscocisco_ios_xe_softwareMatch16.11.1a

ciscocisco_ios_xe_softwareMatch16.11.1b

ciscocisco_ios_xe_softwareMatch16.11.2

ciscocisco_ios_xe_softwareMatch16.11.1c

ciscocisco_ios_xe_softwareMatch16.12.1

ciscocisco_ios_xe_softwareMatch16.12.1s

ciscocisco_ios_xe_softwareMatch16.12.2s

ciscocisco_ios_xe_softwareMatch16.12.1t

ciscocisco_ios_xe_softwareMatch16.12.2t

ciscocisco_ios_xe_softwareMatch17.1.1

ciscocisco_ios_xe_softwareMatchany

VendorProductVersionCPE
ciscocisco_ios_xe_software16.11cpe:2.3:a:cisco:cisco_ios_xe_software:16.11:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.12cpe:2.3:a:cisco:cisco_ios_xe_software:16.12:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.1cpe:2.3:a:cisco:cisco_ios_xe_software:17.1:*:*:*:*:*:*:*
ciscocisco_ios_xe_softwareanycpe:2.3:a:cisco:cisco_ios_xe_software:any:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.11.1cpe:2.3:a:cisco:cisco_ios_xe_software:16.11.1:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.11.1acpe:2.3:a:cisco:cisco_ios_xe_software:16.11.1a:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.11.1bcpe:2.3:a:cisco:cisco_ios_xe_software:16.11.1b:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.11.2cpe:2.3:a:cisco:cisco_ios_xe_software:16.11.2:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.11.1ccpe:2.3:a:cisco:cisco_ios_xe_software:16.11.1c:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.12.1cpe:2.3:a:cisco:cisco_ios_xe_software:16.12.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cisco_ios_xe_software	16.11	cpe:2.3:a:cisco:cisco_ios_xe_software:16.11:::::::*
cisco	cisco_ios_xe_software	16.12	cpe:2.3:a:cisco:cisco_ios_xe_software:16.12:::::::*
cisco	cisco_ios_xe_software	17.1	cpe:2.3:a:cisco:cisco_ios_xe_software:17.1:::::::*
cisco	cisco_ios_xe_software	any	cpe:2.3:a:cisco:cisco_ios_xe_software:any:::::::*
cisco	cisco_ios_xe_software	16.11.1	cpe:2.3:a:cisco:cisco_ios_xe_software:16.11.1:::::::*
cisco	cisco_ios_xe_software	16.11.1a	cpe:2.3:a:cisco:cisco_ios_xe_software:16.11.1a:::::::*
cisco	cisco_ios_xe_software	16.11.1b	cpe:2.3:a:cisco:cisco_ios_xe_software:16.11.1b:::::::*
cisco	cisco_ios_xe_software	16.11.2	cpe:2.3:a:cisco:cisco_ios_xe_software:16.11.2:::::::*
cisco	cisco_ios_xe_software	16.11.1c	cpe:2.3:a:cisco:cisco_ios_xe_software:16.11.1c:::::::*
cisco	cisco_ios_xe_software	16.12.1	cpe:2.3:a:cisco:cisco_ios_xe_software:16.12.1:::::::*