73 matches found
The vulnerability of the GAS frame processing function in the 802.11 protocol of Cisco Wireless LAN Controllers allows a attacker to induce a service failure.
The vulnerability of the Generic Advertising Service GAS frame processing function in Cisco Wireless LAN Controllers based on the 802.11 protocol is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure ...
Cisco IOS XE Software, Catalyst, and NGWC GUI Privilege Escalation (cisco-sa-20170927-ngwc)
According to its self-reported version, Cisco IOS XE Software is affected by a privilege escalation vulnerability in the web-based Wireless Controller GUI for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless...
Input validation
A vulnerability in the implementation of 802.11v Basic Service Set BSS Transition Management functionality in Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The...
CVE-2017-12280
A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP Discovery Request parsing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service DoS...
Input validation
A vulnerability in the Access Network Query Protocol ANQP ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service DoS condition. The...
CVE-2017-12275
A vulnerability in the implementation of 802.11v Basic Service Set BSS Transition Management functionality in Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The...
CVE-2017-12278
A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service DoS condition. The vulnerability is due to a memory leak that occurs on...
Input validation
A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP Discovery Request parsing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service DoS...
CVE-2017-12278
CVE-2017-12278 affects Cisco Wireless LAN Controllers via a memory-leak in the SNMP subsystem that can exhaust memory and cause a reboot/DoS when an attacker who has SNMP credentials polls specific MIBs. Exploitation requires authenticated access (SNMP v2 read or SNMP v3 credentials); memory depl...
CVE-2017-12280
Cisco WLCs are affected by CVE-2017-12280 due to incomplete input validation in CAPWAP Discovery Request parsing, allowing unauthenticated remote attackers to cause a restart and DoS. The issue impacts Cisco Wireless LAN Controllers; exploitation involves sending crafted CAPWAP Discovery Request ...
CVE-2017-12282
CVE-2017-12282 affects Cisco Wireless LAN Controllers (WLC) and relates to the ANQP ingress frame processing. The root cause is incomplete input validation of ANQP query frames, which can be exploited by an unauthenticated, Layer 2 RF-adjacent attacker on an RF-adjacent network to cause the affec...
CVE-2017-12278
A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service DoS condition. The vulnerability is due to a memory leak that occurs on...
CVE-2017-12282
A vulnerability in the Access Network Query Protocol ANQP ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service DoS condition. The...
CVE-2017-12275
A vulnerability in the implementation of 802.11v Basic Service Set BSS Transition Management functionality in Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The...
CVE-2017-12222
A vulnerability in the wireless controller manager of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service DoS condition. The vulnerability is due to insufficient input validation. An attacker could exploit this...
CVE-2017-12226
A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless Controllers NGWC 3850 could allow an authenticated, remote attacker to elevate...
CVE-2016-9197
A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected...
CVE-2016-9197
CVE-2016-9197 affects Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers. The root cause is a vulnerability in the CLI command parser due to incorrect permissions assigned to configured users, enabling an authenticated, local attacker to obtain access to the underlying operating...
Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers Shell Bypass Vulnerability
A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. Copyright C 2017 Greenbone Networks GmbH Some te...
Cisco Wireless LAN Controller Web Administration Interface Authenticated Remote Denial of Service Vulnerability
A vulnerability in the web administration interface of Cisco Wireless LAN Controllers WLC could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of certain parameters submitted as part of form...