发布日期：2021-09-22
更新日期：2021-09-23

受影响系统：

Cisco Integrated Access Point on 1100 Integrated Service
Cisco Aironet 1540 Series APs
Cisco Aironet 1560 Series APs
Cisco Aironet 1800 Series APs
Cisco Aironet 2800 Series APs
Cisco Aironet 3800 Series APs
Cisco Aironet 4800 APs
Cisco Catalyst 9100 APs
Cisco Catalyst IW 6300 APs
Cisco 6300 Series Embedded Services APs

描述：

---

CVE(CAN) ID: CVE-2021-34740

Cisco Aironet Access Point是中小型无线网络接入点产品。
Cisco Aironet Access Point (AP)的WLAN Control Protocol (WCP)实现存在拒绝服务漏洞。该漏洞源于程序未对以外802.11帧进行正确处理。攻击者可利用该漏洞造成数据包缓冲区泄露，从而触发设备重新加载（拒绝服务）。

<*链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-
*>

建议：

---

厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-airo-wpa-pktleak-dos-uSTyGrL）以及相应补丁:
cisco-sa-airo-wpa-pktleak-dos-uSTyGrL：Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability
链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL

浏览次数：1295
严重程度：0（网友投票）