CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:N/I:N/A:C
EPSS
Percentile
73.2%
A vulnerability in the Web Administrator Interface of Cisco Wireless LAN Controllers (WLC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability is due to a failure to properly validate certain parameters prior to processing them on the device. An authenticated attacker with an account that is a member of either the Full Manager, Read Only, or Lobby Ambassador managers group could exploit this vulnerability by submitting a request to the affected device that contains a missing or malformed value for specific parameters. An exploit could allow the attacker to crash the device, resulting in a DoS condition, during a system reboot.
Cisco has confirmed the vulnerability in a security notice and released software updates.
To exploit this vulnerability, an attacker must authenticate to the targeted device. This access requirement limits the likelihood of a successful exploit.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | wireless_lan_controller | 4.0 | cpe:2.3:h:cisco:wireless_lan_controller:4.0:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 3.2 | cpe:2.3:h:cisco:wireless_lan_controller:3.2:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 3.1 | cpe:2.3:h:cisco:wireless_lan_controller:3.1:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 4.1 | cpe:2.3:h:cisco:wireless_lan_controller:4.1:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 3.0 | cpe:2.3:h:cisco:wireless_lan_controller:3.0:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 4.2 | cpe:2.3:h:cisco:wireless_lan_controller:4.2:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 5.0 | cpe:2.3:h:cisco:wireless_lan_controller:5.0:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 5.1 | cpe:2.3:h:cisco:wireless_lan_controller:5.1:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 5.2 | cpe:2.3:h:cisco:wireless_lan_controller:5.2:*:*:*:*:*:*:* |
cisco | wireless_lan_controller | 6.0 | cpe:2.3:h:cisco:wireless_lan_controller:6.0:*:*:*:*:*:*:* |