var-201510-0007
Vulnerability from variot
Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allow remote attackers to cause a denial of service (device outage) by sending malformed 802.11i management data to a managed access point, aka Bug ID CSCub65236. Vendors have confirmed this vulnerability Bug ID CSCub65236 It is released as.A third party may use a malformed form for managed access points. 802.11i Service operation is disrupted by sending management data ( Stop device ) There is a possibility of being put into a state. Attackers can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCub65236. This product provides functions such as security policy and intrusion detection in wireless LAN. The following releases are affected: Cisco WLCs using Release 7.4(1.19), Release 7.3(101.0), and Release 7.0(240.0) software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.3\\(101.0\\)"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.4\\(1.19\\)"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(240.0\\)"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "7.3.101.0"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0(240.0)"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.3(101.0)"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.4(1.19)"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0240.0"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.41.19"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.2400"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4.1.19"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"db": "BID",
"id": "76945"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"db": "NVD",
"id": "CVE-2015-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller:7.0\\(240.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller:7.4\\(1.19\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller:7.3\\(101.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6311"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "76945"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6311",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-6311",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2015-06556",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-84272",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-6311",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-06556",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-081",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84272",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"db": "VULHUB",
"id": "VHN-84272"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"db": "NVD",
"id": "CVE-2015-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allow remote attackers to cause a denial of service (device outage) by sending malformed 802.11i management data to a managed access point, aka Bug ID CSCub65236. Vendors have confirmed this vulnerability Bug ID CSCub65236 It is released as.A third party may use a malformed form for managed access points. 802.11i Service operation is disrupted by sending management data ( Stop device ) There is a possibility of being put into a state. \nAttackers can exploit this issue to cause a denial-of-service condition. \nThis issue is being tracked by Cisco Bug ID CSCub65236. This product provides functions such as security policy and intrusion detection in wireless LAN. The following releases are affected: Cisco WLCs using Release 7.4(1.19), Release 7.3(101.0), and Release 7.0(240.0) software",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6311"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"db": "BID",
"id": "76945"
},
{
"db": "VULHUB",
"id": "VHN-84272"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6311",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1033731",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-081",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-06556",
"trust": 0.6
},
{
"db": "BID",
"id": "76945",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-84272",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"db": "VULHUB",
"id": "VHN-84272"
},
{
"db": "BID",
"id": "76945"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"db": "NVD",
"id": "CVE-2015-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
]
},
"id": "VAR-201510-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"db": "VULHUB",
"id": "VHN-84272"
}
],
"trust": 1.2126263
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06556"
}
]
},
"last_update_date": "2023-12-18T13:09:10.001000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco-SA-20151002-CVE-2015-6311",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151002-cve-2015-6311"
},
{
"title": "41249",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41249"
},
{
"title": "Cisco Wireless LAN Controller 802.11i Manages Patches for Frame Handling Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/65138"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84272"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"db": "NVD",
"id": "CVE-2015-6311"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41249"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033731"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6311"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6311"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"db": "VULHUB",
"id": "VHN-84272"
},
{
"db": "BID",
"id": "76945"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"db": "NVD",
"id": "CVE-2015-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"db": "VULHUB",
"id": "VHN-84272"
},
{
"db": "BID",
"id": "76945"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"db": "NVD",
"id": "CVE-2015-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"date": "2015-10-08T00:00:00",
"db": "VULHUB",
"id": "VHN-84272"
},
{
"date": "2015-10-02T00:00:00",
"db": "BID",
"id": "76945"
},
{
"date": "2015-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"date": "2015-10-08T20:59:03.380000",
"db": "NVD",
"id": "CVE-2015-6311"
},
{
"date": "2015-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06556"
},
{
"date": "2017-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-84272"
},
{
"date": "2015-10-02T00:00:00",
"db": "BID",
"id": "76945"
},
{
"date": "2015-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005177"
},
{
"date": "2017-01-04T19:28:27.540000",
"db": "NVD",
"id": "CVE-2015-6311"
},
{
"date": "2015-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Wireless LAN Controller Service disruption in device software (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005177"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-081"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.