QID 317149

Date Published: 2022-04-20

QID 317149: Cisco Internetwork Operating System (IOS) XE Software for Catalyst 9800 Series Wireless Controllers Application Visibility and Control Denial of Service (DoS) Vulnerability (cisco-sa-c9800-fnf-dos-bOL5vLge)

A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

Affected Products
The following Cisco devices are affected if they are running a vulnerable release of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers, have the AVC-FNF feature enabled for wireless networks (disabled by default), and have any access points (APs) in an operating mode other than FlexConnect Local Switching or fabric:
  • Catalyst 9800 Series Wireless Controllers
  • Catalyst 9800-CL Wireless Controllers for Cloud
Note: Certain AP modes are not affected by this vulnerability.

This is a potential detection, because the check cannot confirm the vulnerable configuration: the AVC-FNF feature enabled for wireless networks (disabled by default) and access points (APs) in an operating mode other than FlexConnect Local Switching.

QID Detection Logic (Authenticated):
The check matches affected versions retrieved via SNMP.

A successful exploit could allow the attacker to cause a crash and reload of the affected device, resulting in a DoS condition.

  • CVSS V3 rated as Critical - 8.6 severity.
  • CVSS V2 rated as High - 7.8 severity.

Solution

Customers are advised to refer to cisco-sa-c9800-fnf-dos-bOL5vLge for more information.

CVEs related to QID 317149

Software Advisories
Advisory ID Software Component Link
cisco-sa-c9800-fnf-dos-bOL5vLge tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-fnf-dos-bOL5vLge