Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20131122-CVE-2013-6699
HistoryNov 22, 2013 - 4:06 p.m.

Cisco Wireless LAN Controller Buffer Overread Vulnerability

2013-11-2216:06:54
tools.cisco.com
26

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.002

Percentile

53.3%

JSON

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to insufficient data packet validation. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to the Cisco WLC.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

To exploit this vulnerability, the attacker may need access to trusted, internal networks in which the targeted device may reside to send crafted CAPWAP packets to the device. This access requirement may reduce the likelihood of a successful exploit.

Affected configurations

Vulners
Node
ciscowireless_lan_controllerMatch4.0
OR
ciscowireless_lan_controllerMatch3.2
OR
ciscowireless_lan_controllerMatch3.1
OR
ciscowireless_lan_controllerMatch4.1
OR
ciscowireless_lan_controllerMatch3.0
OR
ciscowireless_lan_controllerMatch4.2
OR
ciscowireless_lan_controllerMatch5.0
OR
ciscowireless_lan_controllerMatch5.1
OR
ciscowireless_lan_controllerMatch5.2
OR
ciscowireless_lan_controllerMatch6.0
OR
ciscowireless_lan_controllerMatch7.0
OR
ciscowireless_lan_controllerMatch7.1
OR
ciscowireless_lan_controllerMatch7.2
OR
ciscowireless_lan_controllerMatch7.4
OR
ciscowireless_lan_controllerMatch7.3
OR
ciscowireless_lan_controllerMatch4.0.196
OR
ciscowireless_lan_controllerMatch4.0.108
OR
ciscowireless_lan_controllerMatch4.0.155.5
OR
ciscowireless_lan_controllerMatch4.0.179.8
OR
ciscowireless_lan_controllerMatch4.0.179.11
OR
ciscowireless_lan_controllerMatch4.0.155.0
OR
ciscowireless_lan_controllerMatch4.0.206.0
OR
ciscowireless_lan_controllerMatch4.0.217.0
OR
ciscowireless_lan_controllerMatch4.0.219.0
OR
ciscowireless_lan_controllerMatch3.2.78.0
OR
ciscowireless_lan_controllerMatch3.2.116.21
OR
ciscowireless_lan_controllerMatch3.2.150.6
OR
ciscowireless_lan_controllerMatch3.2.150.10
OR
ciscowireless_lan_controllerMatch3.2.171.5
OR
ciscowireless_lan_controllerMatch3.2.171.6
OR
ciscowireless_lan_controllerMatch3.2.185.0
OR
ciscowireless_lan_controllerMatch3.2.195.10
OR
ciscowireless_lan_controllerMatch3.2.193.5
OR
ciscowireless_lan_controllerMatch3.1.105.0
OR
ciscowireless_lan_controllerMatch3.1.59.24
OR
ciscowireless_lan_controllerMatch3.1.111.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch4.1.181.0
OR
ciscowireless_lan_controllerMatch4.1.171.0
OR
ciscowireless_lan_controllerMatch4.1.185.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch4.2.61.0
OR
ciscowireless_lan_controllerMatch4.2.99.0
OR
ciscowireless_lan_controllerMatch4.2.112.0
OR
ciscowireless_lan_controllerMatch4.2.130.0
OR
ciscowireless_lan_controllerMatch4.2.117.0
OR
ciscowireless_lan_controllerMatch4.2.173.0
OR
ciscowireless_lan_controllerMatch4.2.174.0
OR
ciscowireless_lan_controllerMatch4.2.176.0
OR
ciscowireless_lan_controllerMatch4.2.182.0
OR
ciscowireless_lan_controllerMatch5.0.148.0
OR
ciscowireless_lan_controllerMatch5.0.148.2
OR
ciscowireless_lan_controllerMatch5.1.151.0
OR
ciscowireless_lan_controllerMatch5.1.152.0
OR
ciscowireless_lan_controllerMatch5.1.160.0
OR
ciscowireless_lan_controllerMatch5.2.157.0
OR
ciscowireless_lan_controllerMatch5.2.169.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch6.0.182.0
OR
ciscowireless_lan_controllerMatch6.0.188.0
OR
ciscowireless_lan_controllerMatch6.0.196.0
OR
ciscowireless_lan_controllerMatch6.0.199.4
OR
ciscowireless_lan_controllerMatch6.0.202.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch7.0.98.0
OR
ciscowireless_lan_controllerMatch7.0.116.0
OR
ciscowireless_lan_controllerMatch7.0.98.218
OR
ciscowireless_lan_controllerMatch7.0.220.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch7.1.91.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch7.2.103.0
OR
ciscowireless_lan_controllerMatch7.4.100.0
OR
ciscowireless_lan_controllerMatch7.4.100.60
OR
ciscowireless_lan_controllerMatch7.4.110.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch7.3.101.0
OR
ciscowireless_lan_controllerMatch7.3.112.0
VendorProductVersionCPE
ciscowireless_lan_controller4.0cpe:2.3:h:cisco:wireless_lan_controller:4.0:*:*:*:*:*:*:*
ciscowireless_lan_controller3.2cpe:2.3:h:cisco:wireless_lan_controller:3.2:*:*:*:*:*:*:*
ciscowireless_lan_controller3.1cpe:2.3:h:cisco:wireless_lan_controller:3.1:*:*:*:*:*:*:*
ciscowireless_lan_controller4.1cpe:2.3:h:cisco:wireless_lan_controller:4.1:*:*:*:*:*:*:*
ciscowireless_lan_controller3.0cpe:2.3:h:cisco:wireless_lan_controller:3.0:*:*:*:*:*:*:*
ciscowireless_lan_controller4.2cpe:2.3:h:cisco:wireless_lan_controller:4.2:*:*:*:*:*:*:*
ciscowireless_lan_controller5.0cpe:2.3:h:cisco:wireless_lan_controller:5.0:*:*:*:*:*:*:*
ciscowireless_lan_controller5.1cpe:2.3:h:cisco:wireless_lan_controller:5.1:*:*:*:*:*:*:*
ciscowireless_lan_controller5.2cpe:2.3:h:cisco:wireless_lan_controller:5.2:*:*:*:*:*:*:*
ciscowireless_lan_controller6.0cpe:2.3:h:cisco:wireless_lan_controller:6.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 721

Related

prion 1
cvelist 1
nvd 1
cve 1
prion
prion
Design/Logic Flaw
2013-11-22 19:55:00
cvelist
cvelist
CVE-2013-6699
2013-11-22 17:00:00
nvd
nvd
CVE-2013-6699
2013-11-22 19:55:09
cve
cve
CVE-2013-6699
2013-11-22 19:55:09

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.002

Percentile

53.3%

JSON
Related for CISCO-SA-20131122-CVE-2013-6699
prion1cvelist1nvd1cve1