CVE-2017-12283
CVE-2017-12283 is a medium-severity vulnerability in Cisco Aironet 3800 Firmware with a CVSS 3.x base score of 6.1. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-119.
Key facts
- Severity: Medium (CVSS 3.x base score 6.1)
- CVSS v2: 2.9
- EPSS exploit prediction: 1% (43rd percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-119
- Affected product: Cisco Aironet 3800 Firmware
- Published:
- Last modified:
Description
A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denial of Service. The vulnerability exists because the affected device does not properly validate 802.11w PAF disassociation and deauthentication frames that it receives. An attacker could exploit this vulnerability by sending a spoofed 802.11w PAF frame from a valid, authenticated client on an adjacent network to an affected device. A successful exploit could allow the attacker to terminate a single valid user connection to the affected device. This vulnerability affects Access Points that are configured to run in FlexConnect mode. Cisco Bug IDs: CSCvc20627.
Frequently asked questions
- What is CVE-2017-12283?
- A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denial of Service. The vulnerability exists because the affected device does not properly validate 802.11w PAF disassociation and deauthentication frames that it receives. An attacker could exploit this vulnerability by sending a spoofed 802.11w PAF frame from a valid, authenticated client on an adjacent network to an affected device. A successful exploit could allow the attacker to terminate a single valid user connection to the affected device. This vulnerability affects Access Points that are configured to run in FlexConnect mode. Cisco Bug IDs: CSCvc20627.
- How severe is CVE-2017-12283?
- CVE-2017-12283 has a CVSS 3.x base score of 6.1, rated medium severity. It is exploitable over an adjacent network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
- Is CVE-2017-12283 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (43rd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2017-12283?
- CVE-2017-12283 affects Cisco Aironet 3800 Firmware. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2017-12283?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2017-12283 published?
- CVE-2017-12283 was published on 2017-11-02 and last updated on 2026-06-17.
References
- http://www.securityfocus.com/bid/101645
- http://www.securitytracker.com/id/1039718
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet4
Affected products (1)
- cpe:2.3:o:cisco:aironet_3800_firmware:-:*:*:*:*:*:*:*
More vulnerabilities in Cisco Aironet 3800 Firmware
- CVE-2019-15260 — Critical (CVSS 9.8): A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain…
- CVE-2017-12281 — High (CVSS 7.5): A vulnerability in the implementation of Protected Extensible Authentication Protocol (PEAP) functionality for…
- CVE-2020-26140 — Medium (CVSS 6.5): An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3…
- CVE-2019-15265 — Medium (CVSS 6.5): A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs)…
- CVE-2019-15264 — Medium (CVSS 6.5): A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco…
- CVE-2017-12274 — Medium (CVSS 6.5): A vulnerability in Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800,…
All CVEs affecting Cisco Aironet 3800 Firmware →
Other CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) vulnerabilities
- CVE-2026-2778 — Critical (CVSS 10.0): Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in…
- CVE-2026-2776 — Critical (CVSS 10.0): Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability…
- CVE-2025-1866 — Critical (CVSS 10.0): Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows…
- CVE-2022-27625 — Critical (CVSS 10.0): A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the…
- CVE-2022-27624 — Critical (CVSS 10.0): A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the…
- CVE-2020-11896 — Critical (CVSS 10.0): The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.