How severe is CVE-2017-12222?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2017-12222?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2017-12222 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

A vulnerability in the wireless controller manager of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted association request. An exploit could allow the attacker to cause the switch to restart. This vulnerability affects Cisco Catalyst 3650 and 3850 switches running IOS XE Software versions 16.1 through 16.3.3, and acting as wireless LAN controllers (WLC). Cisco Bug IDs: CSCvd45069.

Related Vulnerabilities

CVE-2012-5030

MEDIUM

CVSS:6.5(Medium)

Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking ...

CWE-3992012

CVE-2015-2927

MEDIUM

CVSS:6.5(Medium)

node 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause a denial of service (bandwidth consumption).

CWE-3992015

CVE-2015-6431

MEDIUM

CVSS:6.5(Medium)

Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packet with the 00-00-00-00-00-00 source MAC address, aka Bug ID CSCux48405.

CWE-3992015

CVE-2015-7461

MEDIUM

CVSS:6.5(Medium)

XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service (memory consumption) via cra...

CWE-3992015

CVE-2015-8345

MEDIUM

CVSS:6.5(Medium)

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.

CWE-3992015

CVE-2015-8677

MEDIUM

CVSS:6.5(Medium)

Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus se...

CWE-3992015