Lucene search

[email protected]NVD:CVE-2007-4012

HistoryJul 26, 2007 - 12:30 a.m.

CVE-2007-4012

2007-07-2600:30:00

[email protected]

web.nvd.nist.gov

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.6

Confidence

High

EPSS

0.024

Percentile

90.0%

JSON

Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that “targets the IP address of a known client context”, aka CSCsj50374.

Affected configurations

Nvd

Node

cisco4100_wireless_lan_controller

cisco4400_wireless_lan_controller

ciscoairespace_4000_wireless_lan_controller

ciscocatalyst_3750

ciscocatalyst_6500

AND

ciscowireless_lan_controller_softwareMatch3.2

ciscowireless_lan_controller_softwareMatch3.2.116.21

ciscowireless_lan_controller_softwareMatch4.0

ciscowireless_lan_controller_softwareMatch4.0.155.0

ciscowireless_lan_controller_softwareMatch4.1

VendorProductVersionCPE
cisco4100_wireless_lan_controller*cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*
cisco4400_wireless_lan_controller*cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*
ciscoairespace_4000_wireless_lan_controller*cpe:2.3:h:cisco:airespace_4000_wireless_lan_controller:*:*:*:*:*:*:*:*
ciscocatalyst_3750*cpe:2.3:h:cisco:catalyst_3750:*:*:*:*:*:*:*:*
ciscocatalyst_6500*cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*
ciscowireless_lan_controller_software3.2cpe:2.3:o:cisco:wireless_lan_controller_software:3.2:*:*:*:*:*:*:*
ciscowireless_lan_controller_software3.2.116.21cpe:2.3:o:cisco:wireless_lan_controller_software:3.2.116.21:*:*:*:*:*:*:*
ciscowireless_lan_controller_software4.0cpe:2.3:o:cisco:wireless_lan_controller_software:4.0:*:*:*:*:*:*:*
ciscowireless_lan_controller_software4.0.155.0cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.0:*:*:*:*:*:*:*
ciscowireless_lan_controller_software4.1cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	4100_wireless_lan_controller	*	cpe:2.3:h:cisco:4100_wireless_lan_controller::::::::
cisco	4400_wireless_lan_controller	*	cpe:2.3:h:cisco:4400_wireless_lan_controller::::::::
cisco	airespace_4000_wireless_lan_controller	*	cpe:2.3:h:cisco:airespace_4000_wireless_lan_controller::::::::
cisco	catalyst_3750	*	cpe:2.3:h:cisco:catalyst_3750::::::::
cisco	catalyst_6500	*	cpe:2.3:h:cisco:catalyst_6500::::::::
cisco	wireless_lan_controller_software	3.2	cpe:2.3:o:cisco:wireless_lan_controller_software:3.2:::::::*
cisco	wireless_lan_controller_software	3.2.116.21	cpe:2.3:o:cisco:wireless_lan_controller_software:3.2.116.21:::::::*
cisco	wireless_lan_controller_software	4.0	cpe:2.3:o:cisco:wireless_lan_controller_software:4.0:::::::*
cisco	wireless_lan_controller_software	4.0.155.0	cpe:2.3:o:cisco:wireless_lan_controller_software:4.0.155.0:::::::*
cisco	wireless_lan_controller_software	4.1	cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:::::::*

References

secunia.com/advisories/26161

www.cisco.com/en/US/products/products_security_advisory09186a008088ab28.shtml

www.securityfocus.com/bid/25043

www.securitytracker.com/id?1018444

www.vupen.com/english/advisories/2007/2636

exchange.xforce.ibmcloud.com/vulnerabilities/35576

exchange.xforce.ibmcloud.com/vulnerabilities/44591

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.6

Confidence

High

EPSS

0.024

Percentile

90.0%

JSON

Related for NVD:CVE-2007-4012

cve1 prion1 cvelist1 cisco1