Vulnerabilites related to cisco - 2504_wireless_lan_controller
Vulnerability from fkie_nvd
Published
2012-03-01 01:55
Modified
2024-11-21 01:34
Severity ?
Summary
Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44884968-081D-4F6B-A325-74D5466052A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.108:*:*:*:*:*:*:*",
"matchCriteriaId": "E23E6B23-2DFC-4959-B69D-35B12A3674C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9E44A7-9C79-4937-B929-D7CD48969D44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D91822EB-04F3-4590-9E74-C173D332FF64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.179.8:*:*:*:*:*:*:*",
"matchCriteriaId": "328B192D-6070-46C9-9B5E-E2D19197516E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.179.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEB928B-97EC-490F-A313-B565FB67C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.196:*:*:*:*:*:*:*",
"matchCriteriaId": "27C3E9DF-439E-4319-BFA3-14D756069FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.206.0:*:*:*:*:*:*:*",
"matchCriteriaId": "546C8A02-3C19-4AE8-98D6-D24342306764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.217.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D882A253-143C-4561-B0CA-209D48A995F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.219.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA48A99-0ED5-4FEB-8906-B68D4C5C702E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3A8DBB-9E82-4428-9034-391F662DFA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.171.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81CC513E-95EA-4FA0-AD70-25C51155AD26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.181.0:*:*:*:*:*:*:*",
"matchCriteriaId": "272C20B5-3EA4-4AFD-ACD6-15A8ABA73C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.185.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11F235E4-673A-4EC4-98F6-423C68919AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1m:*:*:*:*:*:*:*",
"matchCriteriaId": "7701D5E7-9264-4A34-9467-9AB3CA5E4A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1E1F40-ECB6-42FB-838E-998B1893D5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A15A3CA-69E7-451D-AB84-43A6BBF17A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.99.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62424F6A-2D82-45C0-A7D3-540649DA5F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.112.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A17769C-A301-4BC9-A2B1-E442F78030C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.117.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2290101-AEFA-4C4F-B8CE-620BDE6EA3F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.130.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0947448E-D8C5-423D-BDF3-36BD29A83ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.173.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57C6B8CB-9277-463B-84EB-AEF36EE40E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.174.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBD9C2D-514C-44D3-ADCD-D6F80E50BEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.176.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A97D98B-6B3C-4AD1-8096-202E44F63B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.182.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C29D759-F433-42FB-ADA5-8FEA71085CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2m:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3F13F4-0E96-490D-9DA0-8B22595E9BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA75092-5306-45F5-AEB5-67A2224FFDCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0.148.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAACE0C-DD44-4E81-ABEF-7896647CE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0.148.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5140A4F1-713E-4478-B807-83D826DAA374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68625A20-073A-4AC9-8C46-BCE07B185D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2143731F-749D-45ED-B2FE-A3893C5B1F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.152.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C860DDD-33C6-4CC9-B8D2-4E3C9884C445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2230FF3-EE71-408A-B558-74AAD024F661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1511CA9-B471-49D6-9BEE-1BADE6EC61E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2.157.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D513E4D8-B0A4-4C71-AD42-8EF9FE3E63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2.169.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60A2DB28-C42F-4E64-B0A2-63D83603D656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593615BB-EDEC-4267-9D6A-B67E89BB0BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.182.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F555475A-7ED8-45DD-93C5-BC3BFA07851B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.188.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA820A1-1E44-43E5-B80A-446608697558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.196.0:*:*:*:*:*:*:*",
"matchCriteriaId": "983D3154-58C0-4994-AFD3-FCCCE607E66C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.199.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18E87542-257E-4C75-87DB-CD56416F7524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.199.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6862C9D-2683-4BDC-B78E-537785F291C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B84AFFD-117A-4E7C-8F2C-01DF5DE4EDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.98.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1855D021-7914-4862-B613-97F6664AE33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D96188C-F969-46A4-9600-D64FB8123031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41B7499D-75A9-46A9-9129-BCD18533B21F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:2000_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B6A979-5487-4ABF-AD66-522442D6DC38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24B6D315-BBA5-4C37-BB74-BD1ADCA77F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2106_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7208F675-6E28-4DE3-8E08-132DE2AB95C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2112_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB736F8-6A4E-42BE-9BAE-EE53E4E933E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2125_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2B4FCC-1E65-4F49-BA1E-82DEAD5959D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2500_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "719ECA81-592C-4118-B1CB-2AF604461DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2504_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "064D7DAD-CFC5-4433-AE45-671FB4357D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97790CF3-F428-499C-A175-1DB8380432F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62DD77D6-9809-4B8B-A19F-1D10449C546F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4402_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E98007A4-43AC-40F6-9032-BB83B33B6E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4404_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "883A22D1-2529-49BB-92A4-0CE2C1F327C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:5508_wireless_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC836E1-650B-4D2A-A085-9DB574A3F060",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435."
},
{
"lang": "es",
"value": "Dispositivos Cisco Wireless LAN Controller (WLC) con software 4v.x, v5.x, v6.0, y v7.0 anteriores a v7.0.220.0 y 7.1 anteriores a v7.1.91.0, cuando est\u00e1 activado WebAuth, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de una secuencia de paquetes (1) HTTP o (2) HTTPS, tambi\u00e9n conocido como Bug ID CSCtt47435."
}
],
"id": "CVE-2012-0370",
"lastModified": "2024-11-21T01:34:51.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-01T01:55:01.173",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-05-04 03:24
Modified
2024-11-21 01:49
Severity ?
Summary
Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:2000_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B6A979-5487-4ABF-AD66-522442D6DC38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24B6D315-BBA5-4C37-BB74-BD1ADCA77F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2106_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C58D0FC-9466-46D8-9292-110A502849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2112_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A95FD5A-FCC2-42C8-91AD-2F8C823CBFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2125_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "584BBBE4-6E19-47BE-99B6-4370CEA91BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52A0DE1A-D1A2-4F5A-B237-4F53892775E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2504_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2B56FF-7F15-4926-A570-472BC675306F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97790CF3-F428-499C-A175-1DB8380432F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62DD77D6-9809-4B8B-A19F-1D10449C546F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4402_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E98007A4-43AC-40F6-9032-BB83B33B6E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4404_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "883A22D1-2529-49BB-92A4-0CE2C1F327C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:5500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEA74EC6-0B2D-441A-8DDB-FFB736D0CF56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:7500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D51BCAD1-576F-44A7-85CF-DF03363DBFAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:8500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9BD1C8-10F8-4BA7-A883-42384A5EC1A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:airespace_4000_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "824C533A-2951-442A-86FD-BC90DAFEEBF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E08C420-97C2-4323-9388-D6C32E83BBF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507."
},
{
"lang": "es",
"value": "Cisco Wireless LAN Controller (WLC) no gestiona adecuadamente el consumo de recursos de las sesiones TELNET terminadas, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio haciendo muchas conexiones Telnet y acabando de forma inadecuada con las mismas, tambi\u00e9n conocido como Bug ID CSCug35507."
}
],
"id": "CVE-2013-1235",
"lastModified": "2024-11-21T01:49:10.087",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-04T03:24:41.720",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-01 01:55
Modified
2024-11-21 01:34
Severity ?
Summary
The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44884968-081D-4F6B-A325-74D5466052A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.108:*:*:*:*:*:*:*",
"matchCriteriaId": "E23E6B23-2DFC-4959-B69D-35B12A3674C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9E44A7-9C79-4937-B929-D7CD48969D44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D91822EB-04F3-4590-9E74-C173D332FF64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.179.8:*:*:*:*:*:*:*",
"matchCriteriaId": "328B192D-6070-46C9-9B5E-E2D19197516E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.179.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEB928B-97EC-490F-A313-B565FB67C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.196:*:*:*:*:*:*:*",
"matchCriteriaId": "27C3E9DF-439E-4319-BFA3-14D756069FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.206.0:*:*:*:*:*:*:*",
"matchCriteriaId": "546C8A02-3C19-4AE8-98D6-D24342306764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.217.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D882A253-143C-4561-B0CA-209D48A995F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.219.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA48A99-0ED5-4FEB-8906-B68D4C5C702E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3A8DBB-9E82-4428-9034-391F662DFA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.171.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81CC513E-95EA-4FA0-AD70-25C51155AD26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.181.0:*:*:*:*:*:*:*",
"matchCriteriaId": "272C20B5-3EA4-4AFD-ACD6-15A8ABA73C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.185.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11F235E4-673A-4EC4-98F6-423C68919AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1m:*:*:*:*:*:*:*",
"matchCriteriaId": "7701D5E7-9264-4A34-9467-9AB3CA5E4A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1E1F40-ECB6-42FB-838E-998B1893D5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A15A3CA-69E7-451D-AB84-43A6BBF17A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.99.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62424F6A-2D82-45C0-A7D3-540649DA5F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.112.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A17769C-A301-4BC9-A2B1-E442F78030C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.117.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2290101-AEFA-4C4F-B8CE-620BDE6EA3F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.130.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0947448E-D8C5-423D-BDF3-36BD29A83ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.173.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57C6B8CB-9277-463B-84EB-AEF36EE40E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.174.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBD9C2D-514C-44D3-ADCD-D6F80E50BEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.176.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A97D98B-6B3C-4AD1-8096-202E44F63B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.182.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C29D759-F433-42FB-ADA5-8FEA71085CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2m:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3F13F4-0E96-490D-9DA0-8B22595E9BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA75092-5306-45F5-AEB5-67A2224FFDCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0.148.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAACE0C-DD44-4E81-ABEF-7896647CE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0.148.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5140A4F1-713E-4478-B807-83D826DAA374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68625A20-073A-4AC9-8C46-BCE07B185D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2143731F-749D-45ED-B2FE-A3893C5B1F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.152.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C860DDD-33C6-4CC9-B8D2-4E3C9884C445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2230FF3-EE71-408A-B558-74AAD024F661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1511CA9-B471-49D6-9BEE-1BADE6EC61E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2.157.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D513E4D8-B0A4-4C71-AD42-8EF9FE3E63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2.169.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60A2DB28-C42F-4E64-B0A2-63D83603D656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593615BB-EDEC-4267-9D6A-B67E89BB0BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.182.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F555475A-7ED8-45DD-93C5-BC3BFA07851B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.188.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA820A1-1E44-43E5-B80A-446608697558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.196.0:*:*:*:*:*:*:*",
"matchCriteriaId": "983D3154-58C0-4994-AFD3-FCCCE607E66C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.199.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18E87542-257E-4C75-87DB-CD56416F7524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.199.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6862C9D-2683-4BDC-B78E-537785F291C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B84AFFD-117A-4E7C-8F2C-01DF5DE4EDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.98.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1855D021-7914-4862-B613-97F6664AE33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D96188C-F969-46A4-9600-D64FB8123031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41B7499D-75A9-46A9-9129-BCD18533B21F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:2000_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58CC1B0-7123-4BD9-A05B-7E369B77000D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2100_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8828AE39-A8E7-43AE-B0C1-3CEB869F54A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2106_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C58D0FC-9466-46D8-9292-110A502849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2112_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A95FD5A-FCC2-42C8-91AD-2F8C823CBFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2125_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "584BBBE4-6E19-47BE-99B6-4370CEA91BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52A0DE1A-D1A2-4F5A-B237-4F53892775E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2504_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2B56FF-7F15-4926-A570-472BC675306F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4100_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F116A191-063F-4768-ABF2-A34AE40D39F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5C6FAD-EE6D-4786-B50D-BE384BAC8852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4402_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA92356-F06C-48E3-B476-36A10163F932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4404_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C929AEA7-C987-48E5-A494-66D06B665C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:5508_wireless_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE0E9A3-9D58-48C4-8383-A2C7095EE40A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997."
},
{
"lang": "es",
"value": "El interface de gesti\u00f3n administrativa en dispositivos Cisco Wireless LAN Controller (WLC) con software v4.x, v5.x, v6.0, y v7.0 anterior a v7.0.220.0, v7.1 anteriores a v7.1.91.0, y v7.2 anteriores a v7.2.103.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de dispositvo) a trav\u00e9s de una URL manipulada en una petici\u00f3n HTTP, tambi\u00e9n conocido como Bug ID CSCts81997."
}
],
"id": "CVE-2012-0368",
"lastModified": "2024-11-21T01:34:51.413",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-01T01:55:01.097",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-15 20:59
Modified
2024-11-21 03:26
Severity ?
Summary
A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system. This vulnerability affects the following products running a vulnerable version of Wireless LAN Controller software and configured for meshed mode: Cisco 8500 Series Wireless Controller, Cisco 5500 Series Wireless Controller, Cisco 2500 Series Wireless Controller, Cisco Flex 7500 Series Wireless Controller, Cisco Virtual Wireless Controller, Wireless Services Module 2 (WiSM2). Note that additional configuration is needed in addition to upgrading to a fixed release. Cisco Bug IDs: CSCuc98992 CSCuu14804.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/96911 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1038041 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96911 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038041 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_firmware:8.0.72.140:*:*:*:*:*:*:*",
"matchCriteriaId": "64D442BA-AF11-4758-9894-D832CC3592C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0199.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E66BD610-3E55-4C6E-9C63-2D1FDE44AD74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.41.54:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD4FC3F-E63E-44BC-B0D2-CB92AED223DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0220.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E448C65-1694-402C-9F07-0F03CD23A0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0250.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4418591D-4ABF-43E9-A156-CBD431EA653C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:16.088.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1FACF156-5132-46F5-B5A6-0A2085052306",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:2500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52A0DE1A-D1A2-4F5A-B237-4F53892775E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:2504_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2B56FF-7F15-4926-A570-472BC675306F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEA74EC6-0B2D-441A-8DDB-FFB736D0CF56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5508_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9FD7B8F-475B-4DAD-9873-4732FADA5230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D51BCAD1-576F-44A7-85CF-DF03363DBFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7510_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD85056-5B85-4AE2-8BA6-A7E0B5C05EA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:8510_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81DD7F84-B295-4F4B-9F06-140C81B6E9B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:8540_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "340E1032-ED1A-40D2-BC97-7AAE8EC1AA76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:virtual_wireless_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8023AEFE-3489-49F4-90AE-210DCF1E0E6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:wireless_service_module_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7918A9DA-D75C-4A39-B3B7-10233DC05619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system. This vulnerability affects the following products running a vulnerable version of Wireless LAN Controller software and configured for meshed mode: Cisco 8500 Series Wireless Controller, Cisco 5500 Series Wireless Controller, Cisco 2500 Series Wireless Controller, Cisco Flex 7500 Series Wireless Controller, Cisco Virtual Wireless Controller, Wireless Services Module 2 (WiSM2). Note that additional configuration is needed in addition to upgrading to a fixed release. Cisco Bug IDs: CSCuc98992 CSCuu14804."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el c\u00f3digo de malla del software Cisco Wireless LAN Controller (WLC) podr\u00eda permitir a un atacante remoto no autenticado hacerse pasar por un WLC en una topolog\u00eda en malla. La vulnerabilidad se debe a una autenticaci\u00f3n insuficiente del punto de acceso padre en una configuraci\u00f3n de malla. Un atacante podr\u00eda explotar esta vulnerabilidad forzando al sistema de destino a desconectarse del punto de acceso padre correcto y volver a conectarse a un punto de acceso deshonesto propiedad del atacante. Un exploit podr\u00eda permitir al atacante controlar el tr\u00e1fico que fluye a trav\u00e9s del punto de acceso afectado o tomar el control total del sistema de destino. Esta vulnerabilidad afecta a los siguientes productos que ejecutan una versi\u00f3n vulnerable del software Wireless LAN Controller y est\u00e1n configurados para el modo de malla: Controlador inal\u00e1mbrico Cisco 8500 Series, Controlador inal\u00e1mbrico Cisco 5500 Series, Controlador inal\u00e1mbrico Cisco 2500 Series, Controlador inal\u00e1mbrico Cisco Flex 7500 Series, Controlador inal\u00e1mbrico virtual Cisco , Wireless Services Module 2 (WiSM2). Tenga en cuenta que se necesita una configuraci\u00f3n adicional adem\u00e1s de actualizar a una versi\u00f3n fija. ID de errores de Cisco: CSCuc98992 CSCuu14804."
}
],
"id": "CVE-2017-3854",
"lastModified": "2024-11-21T03:26:14.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-15T20:59:00.257",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96911"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038041"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-01 01:55
Modified
2024-11-21 01:34
Severity ?
Summary
Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44884968-081D-4F6B-A325-74D5466052A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.108:*:*:*:*:*:*:*",
"matchCriteriaId": "E23E6B23-2DFC-4959-B69D-35B12A3674C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9E44A7-9C79-4937-B929-D7CD48969D44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D91822EB-04F3-4590-9E74-C173D332FF64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.179.8:*:*:*:*:*:*:*",
"matchCriteriaId": "328B192D-6070-46C9-9B5E-E2D19197516E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.179.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEB928B-97EC-490F-A313-B565FB67C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.196:*:*:*:*:*:*:*",
"matchCriteriaId": "27C3E9DF-439E-4319-BFA3-14D756069FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.206.0:*:*:*:*:*:*:*",
"matchCriteriaId": "546C8A02-3C19-4AE8-98D6-D24342306764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.217.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D882A253-143C-4561-B0CA-209D48A995F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.219.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA48A99-0ED5-4FEB-8906-B68D4C5C702E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3A8DBB-9E82-4428-9034-391F662DFA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.171.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81CC513E-95EA-4FA0-AD70-25C51155AD26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.181.0:*:*:*:*:*:*:*",
"matchCriteriaId": "272C20B5-3EA4-4AFD-ACD6-15A8ABA73C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1.185.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11F235E4-673A-4EC4-98F6-423C68919AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1m:*:*:*:*:*:*:*",
"matchCriteriaId": "7701D5E7-9264-4A34-9467-9AB3CA5E4A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1E1F40-ECB6-42FB-838E-998B1893D5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A15A3CA-69E7-451D-AB84-43A6BBF17A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.99.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62424F6A-2D82-45C0-A7D3-540649DA5F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.112.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A17769C-A301-4BC9-A2B1-E442F78030C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.117.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2290101-AEFA-4C4F-B8CE-620BDE6EA3F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.130.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0947448E-D8C5-423D-BDF3-36BD29A83ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.173.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57C6B8CB-9277-463B-84EB-AEF36EE40E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.174.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBD9C2D-514C-44D3-ADCD-D6F80E50BEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.176.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A97D98B-6B3C-4AD1-8096-202E44F63B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.182.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C29D759-F433-42FB-ADA5-8FEA71085CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2m:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3F13F4-0E96-490D-9DA0-8B22595E9BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA75092-5306-45F5-AEB5-67A2224FFDCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0.148.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAACE0C-DD44-4E81-ABEF-7896647CE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.0.148.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5140A4F1-713E-4478-B807-83D826DAA374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68625A20-073A-4AC9-8C46-BCE07B185D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2143731F-749D-45ED-B2FE-A3893C5B1F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.152.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C860DDD-33C6-4CC9-B8D2-4E3C9884C445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.1.160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2230FF3-EE71-408A-B558-74AAD024F661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1511CA9-B471-49D6-9BEE-1BADE6EC61E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2.157.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D513E4D8-B0A4-4C71-AD42-8EF9FE3E63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2.169.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60A2DB28-C42F-4E64-B0A2-63D83603D656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593615BB-EDEC-4267-9D6A-B67E89BB0BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.182.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F555475A-7ED8-45DD-93C5-BC3BFA07851B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.188.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA820A1-1E44-43E5-B80A-446608697558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.196.0:*:*:*:*:*:*:*",
"matchCriteriaId": "983D3154-58C0-4994-AFD3-FCCCE607E66C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.199.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18E87542-257E-4C75-87DB-CD56416F7524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.199.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6862C9D-2683-4BDC-B78E-537785F291C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B84AFFD-117A-4E7C-8F2C-01DF5DE4EDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.98.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1855D021-7914-4862-B613-97F6664AE33F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:2000_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B6A979-5487-4ABF-AD66-522442D6DC38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24B6D315-BBA5-4C37-BB74-BD1ADCA77F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2106_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7208F675-6E28-4DE3-8E08-132DE2AB95C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2112_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB736F8-6A4E-42BE-9BAE-EE53E4E933E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2125_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2B4FCC-1E65-4F49-BA1E-82DEAD5959D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2500_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "719ECA81-592C-4118-B1CB-2AF604461DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2504_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "064D7DAD-CFC5-4433-AE45-671FB4357D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97790CF3-F428-499C-A175-1DB8380432F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62DD77D6-9809-4B8B-A19F-1D10449C546F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4402_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E98007A4-43AC-40F6-9032-BB83B33B6E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4404_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "883A22D1-2529-49BB-92A4-0CE2C1F327C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:5508_wireless_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC836E1-650B-4D2A-A085-9DB574A3F060",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709."
},
{
"lang": "es",
"value": "Dispositivos Cisco Wireless LAN Controller (WLC) son software v4.x, v5.x, v6.0, y 7.0 anteriores a v7.0.220.4, cuando est\u00e1 activada la opci\u00f3n CPU-based ACLs, permite a atacantes remotos leer y modificar la configuraci\u00f3n a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCtu56709."
}
],
"id": "CVE-2012-0371",
"lastModified": "2024-11-21T01:34:51.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-01T01:55:01.220",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1148C0-C1D4-4118-8BFC-20888792C1A5",
"versionEndExcluding": "8.10.171.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:virtual_wireless_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BF3FF9-F50A-43F7-8BFC-A583839CF068",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:2504_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2B56FF-7F15-4926-A570-472BC675306F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:3504_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "744DD1C4-DE18-486E-8F1F-C68CC000245A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5508_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9FD7B8F-475B-4DAD-9873-4732FADA5230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5520_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE05E91A-E339-4BFC-A126-653113BD1D48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:8540_wireless_lan_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "340E1032-ED1A-40D2-BC97-7AAE8EC1AA76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:flex_7510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FAE08D4-C800-4531-BE0A-FF285F657BF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de autenticaci\u00f3n del software AireOS de Cisco Wireless LAN Controller (WLC) podr\u00eda permitir a un atacante adyacente no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a que la comprobaci\u00f3n de errores es insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes dise\u00f1ados a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar el bloqueo del controlador de la LAN inal\u00e1mbrica, resultando en una condici\u00f3n de DoS. Nota: Esta vulnerabilidad s\u00f3lo afecta a dispositivos que presentan habilitado el modo FIPS (Federal Information Processing Standards)"
}
],
"id": "CVE-2022-20769",
"lastModified": "2024-11-21T06:43:31.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-30T19:15:11.217",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-01 01:55
Modified
2024-11-21 01:34
Severity ?
Summary
Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593615BB-EDEC-4267-9D6A-B67E89BB0BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.182.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F555475A-7ED8-45DD-93C5-BC3BFA07851B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.188.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA820A1-1E44-43E5-B80A-446608697558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.196.0:*:*:*:*:*:*:*",
"matchCriteriaId": "983D3154-58C0-4994-AFD3-FCCCE607E66C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.199.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18E87542-257E-4C75-87DB-CD56416F7524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:6.0.199.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6862C9D-2683-4BDC-B78E-537785F291C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B84AFFD-117A-4E7C-8F2C-01DF5DE4EDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.98.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1855D021-7914-4862-B613-97F6664AE33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D96188C-F969-46A4-9600-D64FB8123031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41B7499D-75A9-46A9-9129-BCD18533B21F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:2000_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B6A979-5487-4ABF-AD66-522442D6DC38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24B6D315-BBA5-4C37-BB74-BD1ADCA77F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2106_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7208F675-6E28-4DE3-8E08-132DE2AB95C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2112_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB736F8-6A4E-42BE-9BAE-EE53E4E933E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2125_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2B4FCC-1E65-4F49-BA1E-82DEAD5959D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2500_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "719ECA81-592C-4118-B1CB-2AF604461DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:2504_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "064D7DAD-CFC5-4433-AE45-671FB4357D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97790CF3-F428-499C-A175-1DB8380432F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62DD77D6-9809-4B8B-A19F-1D10449C546F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4402_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E98007A4-43AC-40F6-9032-BB83B33B6E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:4404_wireless_lan_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "883A22D1-2529-49BB-92A4-0CE2C1F327C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:5508_wireless_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC836E1-650B-4D2A-A085-9DB574A3F060",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949."
},
{
"lang": "es",
"value": "Dispositivos Cisco Wireless LAN Controller (WLC) con software v6.0 y v7.0 anteriores a v7.0.220.0, 7.1 anteriores a v7.1.91.0, y v7.2 anteriores a v7.2.103.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de una secuencia de paquetes IPv6, tambi\u00e9n conocido como Bug ID CSCtt07949."
}
],
"id": "CVE-2012-0369",
"lastModified": "2024-11-21T01:34:51.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-01T01:55:01.143",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2012-0368
Vulnerability from cvelistv5
Published
2012-03-01 01:00
Modified
2024-08-06 18:23
Severity ?
EPSS score ?
Summary
The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc | vendor-advisory, x_refsource_CISCO | |
| http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T18:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-0368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-0368",
"datePublished": "2012-03-01T01:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:30.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-3854
Vulnerability from cvelistv5
Published
2017-03-15 20:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system. This vulnerability affects the following products running a vulnerable version of Wireless LAN Controller software and configured for meshed mode: Cisco 8500 Series Wireless Controller, Cisco 5500 Series Wireless Controller, Cisco 2500 Series Wireless Controller, Cisco Flex 7500 Series Wireless Controller, Cisco Virtual Wireless Controller, Wireless Services Module 2 (WiSM2). Note that additional configuration is needed in addition to upgrading to a fixed release. Cisco Bug IDs: CSCuc98992 CSCuu14804.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038041 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/96911 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Meshed Wireless LAN Controller |
Version: Cisco Meshed Wireless LAN Controller |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038041",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038041"
},
{
"name": "96911",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Meshed Wireless LAN Controller",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Meshed Wireless LAN Controller"
}
]
}
],
"datePublic": "2017-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system. This vulnerability affects the following products running a vulnerable version of Wireless LAN Controller software and configured for meshed mode: Cisco 8500 Series Wireless Controller, Cisco 5500 Series Wireless Controller, Cisco 2500 Series Wireless Controller, Cisco Flex 7500 Series Wireless Controller, Cisco Virtual Wireless Controller, Wireless Services Module 2 (WiSM2). Note that additional configuration is needed in addition to upgrading to a fixed release. Cisco Bug IDs: CSCuc98992 CSCuu14804."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Impersonation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1038041",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038041"
},
{
"name": "96911",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Meshed Wireless LAN Controller",
"version": {
"version_data": [
{
"version_value": "Cisco Meshed Wireless LAN Controller"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system. This vulnerability affects the following products running a vulnerable version of Wireless LAN Controller software and configured for meshed mode: Cisco 8500 Series Wireless Controller, Cisco 5500 Series Wireless Controller, Cisco 2500 Series Wireless Controller, Cisco Flex 7500 Series Wireless Controller, Cisco Virtual Wireless Controller, Wireless Services Module 2 (WiSM2). Note that additional configuration is needed in addition to upgrading to a fixed release. Cisco Bug IDs: CSCuc98992 CSCuu14804."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Impersonation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038041",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038041"
},
{
"name": "96911",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96911"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-3854",
"datePublished": "2017-03-15T20:00:00",
"dateReserved": "2016-12-21T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20769
Vulnerability from cvelistv5
Published
2022-09-30 18:45
Modified
2024-11-06 16:04
Severity ?
EPSS score ?
Summary
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Wireless LAN Controller (WLC) |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220928 Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:57:25.482814Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:04:50.388Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless LAN Controller (WLC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-30T18:45:21",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220928 Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB"
}
],
"source": {
"advisory": "cisco-sa-wlc-dos-mKGRrsCB",
"defect": [
[
"CSCwa40778"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T23:00:00",
"ID": "CVE-2022-20769",
"STATE": "PUBLIC",
"TITLE": "Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless LAN Controller (WLC)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB"
}
]
},
"source": {
"advisory": "cisco-sa-wlc-dos-mKGRrsCB",
"defect": [
[
"CSCwa40778"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20769",
"datePublished": "2022-09-30T18:45:21.833116Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:04:50.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0371
Vulnerability from cvelistv5
Published
2012-03-01 01:00
Modified
2024-08-06 18:23
Severity ?
EPSS score ?
Summary
Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc | vendor-advisory, x_refsource_CISCO | |
| http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T18:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-0371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-0371",
"datePublished": "2012-03-01T01:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:30.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1235
Vulnerability from cvelistv5
Published
2013-05-04 01:00
Modified
2024-09-17 02:58
Severity ?
EPSS score ?
Summary
Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:04.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130503 Cisco Wireless Lan Controller Telnet Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-04T01:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130503 Cisco Wireless Lan Controller Telnet Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130503 Cisco Wireless Lan Controller Telnet Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1235",
"datePublished": "2013-05-04T01:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-17T02:58:04.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0370
Vulnerability from cvelistv5
Published
2012-03-01 01:00
Modified
2024-08-06 18:23
Severity ?
EPSS score ?
Summary
Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc | vendor-advisory, x_refsource_CISCO | |
| http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:31.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T18:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-0370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-0370",
"datePublished": "2012-03-01T01:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:31.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0369
Vulnerability from cvelistv5
Published
2012-03-01 01:00
Modified
2024-08-06 18:23
Severity ?
EPSS score ?
Summary
Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc | vendor-advisory, x_refsource_CISCO | |
| http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T18:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-0369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
},
{
"name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-0369",
"datePublished": "2012-03-01T01:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:30.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}