Vulnerability Details : CVE-2016-9221
A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85).
Vulnerability category: Denial of service
Products affected by CVE-2016-9221
- cpe:2.3:o:cisco:aironet_access_point_software:8.4\(1.82\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:aironet_access_point_software:8.2\(121.12\):*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-9221
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-9221
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:A/AC:L/Au:N/C:N/I:N/A:P |
6.5
|
2.9
|
NIST | |
4.3
|
MEDIUM | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
2.8
|
1.4
|
NIST |
CWE ids for CVE-2016-9221
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-9221
-
http://www.securityfocus.com/bid/95631
Cisco Mobility Express 2800 and 3800 Access Points CVE-2016-9221 Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2
Cisco Mobility Express 2800 and 3800 Denial of Service VulnerabilityVendor Advisory
Jump to