Lucene search
+L

49 matches found

UbuntuCve
UbuntuCve
added 2019/12/03 2:15 p.m.29 views

CVE-2013-2106

webauth before 4.6.1 has authentication credential disclosure...

7.5CVSS7.1AI score0.01576EPSS
Exploits0References1
Prion
Prion
added 2019/12/03 2:15 p.m.17 views

Design/Logic Flaw

webauth before 4.6.1 has authentication credential disclosure...

5CVSS7.2AI score0.01576EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2019/12/03 1:21 p.m.58 views

CVE-2013-2106

Technical details (affected product, component, version, root cause or fix) are not publicly available in the provided documents; monitor for updates.

7.5CVSS7.5AI score0.01576EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/12/03 1:21 p.m.25 views

CVE-2013-2106

webauth before 4.6.1 has authentication credential disclosure...

7.6AI score0.01576EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/12/03 1:21 p.m.36 views

CVE-2013-2106

webauth before 4.6.1 has authentication credential disclosure...

7.5CVSS2.3AI score0.01576EPSS
Exploits0
OSV
OSV
added 2018/05/02 10:29 p.m.4 views

CVE-2018-0247

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

4.7CVSS5.8AI score0.00947EPSS
Exploits0References4
CVE
CVE
added 2018/05/02 10:0 p.m.62 views

CVE-2018-0247

The CVE-2018-0247 entry describes an authentication bypass in Web Authentication (WebAuth) clients used by Cisco IOS on Cisco Aironet Access Points and Wireless LAN Controllers (WLCs). Affected configurations require: AP in FlexConnect NAT mode, WLAN in central switching (unique IP per client), A...

4.7CVSS5AI score0.00947EPSS
Exploits0References4Affected Software1
Cisco
Cisco
added 2018/05/02 4:0 p.m.51 views

Cisco Wireless LAN Controller and Aironet Access Points IOS WebAuth Client Authentication Bypass Vulnerability

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

4.7CVSS1.4AI score0.00947EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of the Cisco Wireless LAN Controller 2100 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.9 views

The vulnerability of the Cisco Wireless LAN Controller 4100 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.8 views

The vulnerability of the Cisco Wireless LAN Controller 2000 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2014/07/11 8:55 p.m.25 views

CVE-2014-3821

Cross-site scripting XSS vulnerability in SRX Web Authentication webauth in Juniper Junos 11.4 before 11.4R11, 12.1X44 before 12.1X44-D34, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 allows remote attackers to inject arbitrary web script or HTML via...

4.3CVSS5.7AI score0.01192EPSS
Exploits1References3
Prion
Prion
added 2014/04/23 11:52 a.m.22 views

Code injection

The ios-authproxy implementation in Cisco IOS before 15.11SY3 allows remote attackers to cause a denial of service webauth and HTTP service outage via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447...

5CVSS7.1AI score0.0128EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/03/14 12:0 a.m.40 views

Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20140305-wlc)

The remote Cisco Wireless LAN Controller WLC is affected by one or more of the following vulnerabilities : - Errors exist related to the handling of specially crafted ethernet 802.11 frames that could allow denial of service attacks. CSCue87929, CSCuf80681 - An error exists related to the handlin...

10CVSS5.8AI score0.02016EPSS
Exploits6References7
seebug.org
seebug.org
added 2014/03/11 12:0 a.m.33 views

Cisco Wireless LAN Controller拒绝服务漏洞

Bugtraq ID:65977 CVE ID:CVE-2014-0701 Cisco Wireless LAN Controller负责全系统的无线LAN功能,例如安全策略、入侵保护、RF管理,服务质量和移动性。 Cisco Wireless LAN Controller WebAuth功能存在安全漏洞,允许未验证远程攻击者使设备重载。 由于处理WebAuth登录过程中未能释放使用的内存,允许攻击者高速提交大量WebAuth请求,可使设备进行不稳定状态,消耗大量内存造成设备重启。 0 Cisco Wireless LAN Controller 7.0 Cisco Wireless LA...

7.8CVSS6.6AI score0.0134EPSS
Exploits1
Prion
Prion
added 2014/03/06 11:55 a.m.17 views

Design/Logic Flaw

Cisco Wireless LAN Controller WLC devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service reboot by sending WebAuth login requests at a high rate, aka Bug ID CSCuf52361...

7.8CVSS7.2AI score0.0134EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2012/03/01 1:55 a.m.21 views

CVE-2012-0370

Cisco Wireless LAN Controller WLC devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service device reload via a sequence of 1 HTTP or 2 HTTPS packets, aka Bug ID CSCtt47435...

7.8CVSS6.7AI score0.01318EPSS
Exploits0References2
Prion
Prion
added 2012/03/01 1:55 a.m.22 views

Code injection

Cisco Wireless LAN Controller WLC devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service device reload via a sequence of 1 HTTP or 2 HTTPS packets, aka Bug ID CSCtt47435...

7.8CVSS7.3AI score0.01318EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2012/03/01 1:0 a.m.34 views

CVE-2012-0370

Cisco Wireless LAN Controller WLC devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service device reload via a sequence of 1 HTTP or 2 HTTPS packets, aka Bug ID CSCtt47435...

6.7AI score0.01318EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/09/15 10:30 p.m.33 views

CVE-2009-2945

weblogin/login.fcgi aka the WebLogin login script in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to a GET request, which allows context-dependent attackers to discover passwords by reading 1 web-serve...

4.3CVSS5.9AI score0.00865EPSS
Exploits0References1
Rows per page
Query Builder