Vulnerability Description
Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Aironet Ap1100 | All versions |
| Cisco | Aironet Ap1200 | All versions |
Related Weaknesses (CWE)
References
- http://securitytracker.com/id?1022774
- http://www.airmagnet.com/assets/AM_Technote_SkyJack_082509.pdf
- http://www.airmagnet.com/news/press_releases/2009/08252009.php
- http://securitytracker.com/id?1022774
- http://www.airmagnet.com/assets/AM_Technote_SkyJack_082509.pdf
- http://www.airmagnet.com/news/press_releases/2009/08252009.php
FAQ
What is CVE-2009-2976?
CVE-2009-2976 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and...
How severe is CVE-2009-2976?
CVE-2009-2976 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2976?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Aironet Ap1100, Cisco Aironet Ap1200.