CVE-2014-0703

2014-03-0611:55:05

CWE-362

[email protected]

web.nvd.nist.gov

cisco

wireless lan controller

wlc

aironet

ios software

race condition

access restrictions

cve-2014-0703

bug id cscuf66202

nvd

6.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

74.4%

JSON

Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers to bypass intended access restrictions by connecting to an Aironet access point on which this server had been disabled ineffectively, aka Bug ID CSCuf66202.

Affected configurations

NVD

Node

ciscowireless_lan_controller_softwareMatch7.4.100.0

ciscowireless_lan_controller_softwareMatch7.4.100.60

AND

ciscowireless_lan_controller

CPENameOperatorVersion
cisco:wireless_lan_controller_softwarecisco wireless lan controller softwareeq7.4.100.0
cisco:wireless_lan_controller_softwarecisco wireless lan controller softwareeq7.4.100.60
cisco:wireless_lan_controllercisco wireless lan controllereq*

CPE	Name	Operator	Version
cisco:wireless_lan_controller_software	cisco wireless lan controller software	eq	7.4.100.0
cisco:wireless_lan_controller_software	cisco wireless lan controller software	eq	7.4.100.60
cisco:wireless_lan_controller	cisco wireless lan controller	eq	*