Cisco has released software updates that address this vulnerability.
The last warning came for a vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN Controller (WLC). This flaw could let an unauthenticated, remote attacker cause a denial of service (DoS) condition by disconnecting a single connection.
Cisco wrote: “The vulnerability is due to lack of proper input validation of the RADIUS CoA packet header. An attacker could exploit this vulnerability by sending a crafted RADIUS CoA packet to a targeted device. A successful exploit could allow the attacker to disconnect a connection through the WLC unexpectedly,” Cisco wrote.
In this case, there are no workarounds available, Cisco said.
Sign up for Computerworld eNewsletters.