Cisco Wireless LAN Controller IAPP Input Validation Flaw Lets Remote Users Forward Network Traffic to Other Destinations
|
|
SecurityTracker Alert ID: 1033360 |
|
SecurityTracker URL: http://securitytracker.com/id/1033360
|
|
CVE Reference:
CVE-2015-6258
(Links to External Site)
|
Date: Aug 24 2015
|
Impact:
Host/resource access via network
|
Vendor Confirmed: Yes
|
Version(s): 8.1(104.37)
|
Description:
A vulnerability was reported in Cisco Wireless LAN Controller. A remote user can forward network traffic to other destinations.
A remote user can send a specially crafted IPv6 packet to exploit an input validation flaw in the Internet Access Point Protocol (IAPP) module and cause network traffic to be forwarded to an unexpected destination on a remote sub-network.
The vendor has assigned bug ID CSCuv40033 to this vulnerability.
|
Impact:
A remote user can cause network traffic to be forwarded to an unexpected destination on a remote sub-network.
|
Solution:
No solution was available at the time of this entry.
The vendor's advisory is available at:
http://tools.cisco.com/security/center/viewAlert.x?alertId=40586
|
Vendor URL: tools.cisco.com/security/center/viewAlert.x?alertId=40586 (Links to External Site)
|
Cause:
Input validation error
|
|
Message History:
None.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
