Vulnerability-Lookup

CVE-2016-9221 (GCVE-0-2016-9221)

Vulnerability from cvelistv5 – Published: 2017-01-26 07:45 – Updated: 2024-08-06 02:42

Summary

Severity ?

No CVSS data available.

CWE

unspecified

Assigner

cisco

References

URL

	Vendor	Product	Version
	n/a	Cisco Mobility Express 2800 Series and 3800 Series Access Points	Affected: Cisco Mobility Express 2800 Series and 3800 Series Access Points

FKIE_CVE-2016-9221

Vulnerability from fkie_nvd - Published: 2017-01-26 07:59 - Updated: 2025-04-20 01:37

Severity ?

4.3 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/95631	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95631	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	aironet_access_point_software	8.2\(121.12\)
	cisco	aironet_access_point_software	8.4\(1.82\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(121.12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "49309998-D816-43BC-BA6D-BE1BFE383DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.4\\(1.82\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6959C12E-AEC2-415E-972D-18B6D9D717EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de denegaci\u00f3n de servicio en el manejo de la autenticaci\u00f3n de conexi\u00f3n de ingreso 802.11 para los Access Points (APs) 2800 y 3800 de Cisco Mobility Express podr\u00eda permitir a un atacante adyacente no autenticado provocar que la autenticaci\u00f3n falle. Productos afectados: Esta vulnerabilidad afecta a Cisco Mobility Express 2800 Series y 3800 Series Access Points cuando son configurados en modo local en 40 MHz. M\u00e1s informaci\u00f3n: CSCvb33575. Lanzamientos afectados conocidos: 8.2(121.12) 8.4(1.82). Lanzamientos reparados conocidos: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85)."
    }
  ],
  "id": "CVE-2016-9221",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-01-26T07:59:00.247",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95631"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-9221

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-9221

Aliases

CVE-2016-9221

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-9221",
    "description": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85).",
    "id": "GSD-2016-9221"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-9221"
      ],
      "details": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85).",
      "id": "GSD-2016-9221",
      "modified": "2023-12-13T01:21:21.848041Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-9221",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Mobility Express 2800 Series and 3800 Series Access Points",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cisco Mobility Express 2800 Series and 3800 Series Access Points"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "unspecified"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2",
            "refsource": "CONFIRM",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
          },
          {
            "name": "95631",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/95631"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:aironet_access_point_software:8.4\\(1.82\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:aironet_access_point_software:8.2\\(121.12\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-9221"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
            },
            {
              "name": "95631",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/95631"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2017-01-27T19:39Z",
      "publishedDate": "2017-01-26T07:59Z"
    }
  }
}

GHSA-H84G-XQ42-7Q7F

Vulnerability from github – Published: 2022-05-17 03:02 – Updated: 2022-05-17 03:02

Details

Severity ?

4.3 (Medium)


                  
                    CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-9221"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-01-26T07:59:00Z",
    "severity": "MODERATE"
  },
  "details": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85).",
  "id": "GHSA-h84g-xq42-7q7f",
  "modified": "2022-05-17T03:02:34Z",
  "published": "2022-05-17T03:02:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9221"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95631"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2017-01066

Vulnerability from cnvd - Published: 2017-02-08

Title

Cisco Mobility Express 2800和3800 Access Points拒绝服务漏洞

Description

Cisco Mobility Express 2800和3800 Access Points都是美国思科（Cisco）公司基于Mobility Express解决方案的无线产品。 Cisco Mobility Express 2800和3800 Access Points存在拒绝服务漏洞。攻击者可利用此漏洞造成拒绝服务。

Severity

低

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2

Reference

http://www.securityfocus.com/bid/95631

Impacted products

Name
['Cisco Mobility Express 3800 Series Access Points', 'Cisco Mobility Express 2800 Series Access Points']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "95631"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-9221",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9221"
    }
  },
  "description": "Cisco Mobility Express 2800\u548c3800 Access Points\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u57fa\u4e8eMobility Express\u89e3\u51b3\u65b9\u6848\u7684\u65e0\u7ebf\u4ea7\u54c1\u3002\r\n\r\nCisco Mobility Express 2800\u548c3800 Access Points\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-01066",
  "openTime": "2017-02-08",
  "products": {
    "product": [
      "Cisco Mobility Express 3800 Series Access Points",
      "Cisco Mobility Express 2800 Series Access Points"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/95631",
  "serverity": "\u4f4e",
  "submitTime": "2017-01-25",
  "title": "Cisco Mobility Express 2800\u548c3800 Access Points\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

VAR-201701-0858

Vulnerability from variot - Updated: 2025-04-20 23:40

A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85). Vendors have confirmed this vulnerability Bug ID CSCvb33575 It is released as.Denial of service by an adjacent attacker ( Authentication failure ) There is a possibility of being put into a state. The Cisco Mobility Express 2800 and 3800 AccessPoints are wireless products based on the Mobility Express solution from Cisco. An attacker could exploit this vulnerability to cause a denial of service. This issue is being tracked by Cisco Bug ID CSCvb33575. The vulnerability stems from the fact that the program does not correctly handle 802.11 authentication request errors. An attacker could exploit this vulnerability by sending a specially crafted 802.11 frame to the target device to affect the availability of the device

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201701-0858",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.2\\(121.12\\)"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4\\(1.82\\)"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.2 (121.12)"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.4 (1.82)"
      },
      {
        "model": "mobility express series access points",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "3800"
      },
      {
        "model": "mobility express series access points",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2800"
      },
      {
        "model": "mobility express series access points",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "38000"
      },
      {
        "model": "mobility express series access points",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "28000"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "db": "BID",
        "id": "95631"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9221"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:aironet_access_point_software",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "95631"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2016-9221",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2016-9221",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2017-01066",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-98041",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2016-9221",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-9221",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-9221",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-01066",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201701-791",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-98041",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98041"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9221"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85). Vendors have confirmed this vulnerability Bug ID CSCvb33575 It is released as.Denial of service by an adjacent attacker ( Authentication failure ) There is a possibility of being put into a state. The Cisco Mobility Express 2800 and 3800 AccessPoints are wireless products based on the Mobility Express solution from Cisco. An attacker could exploit this vulnerability to cause a denial of service. \nThis issue is being tracked by Cisco Bug ID CSCvb33575. The vulnerability stems from the fact that the program does not correctly handle 802.11 authentication request errors. An attacker could exploit this vulnerability by sending a specially crafted 802.11 frame to the target device to affect the availability of the device",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-9221"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "db": "BID",
        "id": "95631"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98041"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-9221",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "95631",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-98041",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98041"
      },
      {
        "db": "BID",
        "id": "95631"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9221"
      }
    ]
  },
  "id": "VAR-201701-0858",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98041"
      }
    ],
    "trust": 1.5
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:40:12.213000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20170118-cme2",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2"
      },
      {
        "title": "Cisco Mobility Express 2800  and 800 Access Points Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67349"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-98041"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9221"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/95631"
      },
      {
        "trust": 1.7,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170118-cme2"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9221"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9221"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170118-cme2 "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98041"
      },
      {
        "db": "BID",
        "id": "95631"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9221"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98041"
      },
      {
        "db": "BID",
        "id": "95631"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9221"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "date": "2017-01-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-98041"
      },
      {
        "date": "2017-01-18T00:00:00",
        "db": "BID",
        "id": "95631"
      },
      {
        "date": "2017-02-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "date": "2017-01-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      },
      {
        "date": "2017-01-26T07:59:00.247000",
        "db": "NVD",
        "id": "CVE-2016-9221"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-01066"
      },
      {
        "date": "2017-01-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-98041"
      },
      {
        "date": "2017-01-23T01:11:00",
        "db": "BID",
        "id": "95631"
      },
      {
        "date": "2017-02-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      },
      {
        "date": "2017-01-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2016-9221"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "specific network environment",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Mobility Express 2800 and  3800 series  Access Points Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-007068"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-791"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-9221 (GCVE-0-2016-9221)

FKIE_CVE-2016-9221

GSD-2016-9221

GHSA-H84G-XQ42-7Q7F

CNVD-2017-01066

VAR-201701-0858

Tags

Sightings

Nomenclature