Lucene search

MitreCVE-2007-4012

HistoryJul 26, 2007 - 12:30 a.m.

CVE-2007-4012

2007-07-2600:30:00

mitre

web.nvd.nist.gov

cisco

airespace

catalyst

wireless lan controller

denial of service

arp

cscsj50374

nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.6

Confidence

High

EPSS

0.024

Percentile

90.0%

JSON

Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that “targets the IP address of a known client context”, aka CSCsj50374.

Affected configurations

Nvd

Node

cisco4100_wireless_lan_controller

cisco4400_wireless_lan_controller

ciscoairespace_4000_wireless_lan_controller

ciscocatalyst_3750

ciscocatalyst_6500

AND

ciscowireless_lan_controller_softwareMatch3.2

ciscowireless_lan_controller_softwareMatch3.2.116.21

ciscowireless_lan_controller_softwareMatch4.0

ciscowireless_lan_controller_softwareMatch4.0.155.0

ciscowireless_lan_controller_softwareMatch4.1

VendorProductVersionCPE
cisco4100_wireless_lan_controller*cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*
cisco4400_wireless_lan_controller*cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*
ciscoairespace_4000_wireless_lan_controller*cpe:2.3:h:cisco:airespace_4000_wireless_lan_controller:*:*:*:*:*:*:*:*
ciscocatalyst_3750*cpe:2.3:h:cisco:catalyst_3750:*:*:*:*:*:*:*:*
ciscocatalyst_6500*cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*
ciscowireless_lan_controller_software3.2cpe:2.3:o:cisco:wireless_lan_controller_software:3.2:*:*:*:*:*:*:*
ciscowireless_lan_controller_software3.2.116.21cpe:2.3:o:cisco:wireless_lan_controller_software:3.2.116.21:*:*:*:*:*:*:*
ciscowireless_lan_controller_software4.0cpe:2.3:o:cisco:wireless_lan_controller_software:4.0:*:*:*:*:*:*:*
ciscowireless_lan_controller_software4.0.155.0cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.0:*:*:*:*:*:*:*
ciscowireless_lan_controller_software4.1cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	4100_wireless_lan_controller	*	cpe:2.3:h:cisco:4100_wireless_lan_controller::::::::
cisco	4400_wireless_lan_controller	*	cpe:2.3:h:cisco:4400_wireless_lan_controller::::::::
cisco	airespace_4000_wireless_lan_controller	*	cpe:2.3:h:cisco:airespace_4000_wireless_lan_controller::::::::
cisco	catalyst_3750	*	cpe:2.3:h:cisco:catalyst_3750::::::::
cisco	catalyst_6500	*	cpe:2.3:h:cisco:catalyst_6500::::::::
cisco	wireless_lan_controller_software	3.2	cpe:2.3:o:cisco:wireless_lan_controller_software:3.2:::::::*
cisco	wireless_lan_controller_software	3.2.116.21	cpe:2.3:o:cisco:wireless_lan_controller_software:3.2.116.21:::::::*
cisco	wireless_lan_controller_software	4.0	cpe:2.3:o:cisco:wireless_lan_controller_software:4.0:::::::*
cisco	wireless_lan_controller_software	4.0.155.0	cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.0:::::::*
cisco	wireless_lan_controller_software	4.1	cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:::::::*

References

secunia.com/advisories/26161

www.cisco.com/en/US/products/products_security_advisory09186a008088ab28.shtml

www.securityfocus.com/bid/25043

www.securitytracker.com/id?1018444

www.vupen.com/english/advisories/2007/2636

exchange.xforce.ibmcloud.com/vulnerabilities/35576

exchange.xforce.ibmcloud.com/vulnerabilities/44591

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.6

Confidence

High

EPSS

0.024

Percentile

90.0%

JSON

Related for CVE-2007-4012