4400 Wireless Lan Controller Security Vulnerabilities and Issues — 4400 Wireless Lan Controller CVE List

Lucene search

Cisco4400 Wireless Lan Controller

16 matches found

CVE•added 2013/05/04 3:24 a.m.•66 views

CVE-2013-1235

Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507.

5CVSS7AI score0.00474EPSS

CVE•added 2012/03/01 1:55 a.m.•64 views

CVE-2012-0368

The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka...

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/01/24 9:55 p.m.•61 views

CVE-2013-1102

The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID...

7.8CVSS6.8AI score0.00644EPSS

CVE•added 2012/12/19 11:56 a.m.•53 views

CVE-2012-5992

Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrative accounts via screens/aaa/mgmtuser_create.html or (2) inser...

6.8CVSS6.7AI score0.00321EPSS

CVE•added 2012/03/01 1:55 a.m.•52 views

CVE-2012-0369

Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949.

7.8CVSS6.9AI score0.00427EPSS

CVE•added 2012/03/01 1:55 a.m.•52 views

CVE-2012-0371

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709.

9.3CVSS6.9AI score0.00484EPSS

CVE•added 2012/12/19 11:56 a.m.•52 views

CVE-2012-5991

screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain buttonClicked value in an internal webauth_type request, aka Bug ID CSCud50209.

6.3CVSS6.3AI score0.04911EPSS

CVE•added 2013/01/24 9:55 p.m.•52 views

CVE-2013-1104

The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636.

9CVSS7.5AI score0.01184EPSS

CVE•added 2012/03/01 1:55 a.m.•51 views

CVE-2012-0370

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435.

7.8CVSS6.9AI score0.00393EPSS

CVE•added 2007/04/16 9:19 p.m.•49 views

CVE-2007-2038

The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, o...

6.1CVSS6.6AI score0.00568EPSS

CVE•added 2012/12/19 11:56 a.m.•49 views

CVE-2012-6007

Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability ...

4.3CVSS5.3AI score0.01442EPSS

CVE•added 2009/02/05 12:30 a.m.•48 views

CVE-2009-0058

The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device rel...

6.1CVSS7.2AI score0.00404EPSS

CVE•added 2007/04/16 9:19 p.m.•45 views

CVE-2007-2041

Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195.

4CVSS6.7AI score0.00405EPSS

CVE•added 2009/02/05 12:30 a.m.•44 views

CVE-2009-0059

The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authen...

7.8CVSS7AI score0.00985EPSS

CVE•added 2009/02/05 12:30 a.m.•44 views

CVE-2009-0061

Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to...

7.8CVSS6.8AI score0.00573EPSS

CVE•added 2013/01/24 9:55 p.m.•43 views

CVE-2013-1103

Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP packets, aka Bug ID CSCts87659.

7.8CVSS6.9AI score0.00708EPSS