CVE-2016-9221 | Vulnerability Database | Aqua Security

A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility Express 2800 Series and 3800 Series Access Points when configured in local mode in 40 MHz. More Information: CSCvb33575. Known Affected Releases: 8.2(121.12) 8.4(1.82). Known Fixed Releases: 8.2(131.2) 8.2(131.3) 8.2(131.4) 8.2(141.0) 8.3(104.53) 8.3(104.54) 8.4(1.80) 8.4(1.85).

Affected Software

Name	Vendor	Start Version	End Version
Aironet_access_point_software	Cisco	8.2(121.12) (including)	8.2(121.12) (including)
Aironet_access_point_software	Cisco	8.4(1.82) (including)	8.4(1.82) (including)

References

http://www.securityfocus.com/bid/95631
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2
http://www.securityfocus.com/bid/95631
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme2

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9221
CWE	https://cwe.mitre.org/data/definitions/399.html