Lucene search
K
CiscoWireless Lan Controller

26 matches found

CVE
CVE
added 2013/05/04 1:0 a.m.77 views

CVE-2013-1235

CVE-2013-1235 affects Cisco Wireless LAN Controller (WLC) software. The issue is the improper cleanup of terminated remote Telnet sessions, allowing an unauthenticated, remote attacker to exhaust Telnet resources and cause a denial of service (Telnet outage) by opening many Telnet connections and...

5CVSS7AI score0.01232EPSS
CVE
CVE
added 2020/09/24 5:50 p.m.76 views

CVE-2020-3560

Cisco Aironet Access Points are affected by CVE-2020-3560 due to improper resource management when processing certain UDP packets. An unauthenticated, remote attacker could leverage crafted UDP traffic to a specific port to cause a DoS, either by tearing down the AP–WLC connection or by forcing t...

8.6CVSS8.5AI score0.01415EPSS
CVE
CVE
added 2018/10/17 10:0 p.m.75 views

CVE-2018-0417

Cisco WLC GUI Privilege Escalation (CVE-2018-0417): A TACACS parsing flaw in Cisco Wireless LAN Controller Software GUI allows an authenticated, local attacker to create local admin accounts and run commands beyond CLI permissions. Root cause: improper parsing of a TACACS attribute in responses f...

7.8CVSS7.8AI score0.03163EPSS
CVE
CVE
added 2019/04/18 12:45 a.m.65 views

CVE-2019-1796

CVE-2019-1796 affects Cisco Wireless LAN Controller (WLC) software due to improper validation of input in Inter-Access Point Protocol (IAPP) messages. An unauthenticated adjacent attacker can send malicious IAPP messages to trigger a reload of the WLC, causing a DoS. Affected software versions in...

7.4CVSS6.5AI score0.00646EPSS
CVE
CVE
added 2014/03/06 11:0 a.m.64 views

CVE-2014-0703

Cisco WLC devices running 7.4 before 7.4.110.0 distribute Aironet IOS software that contains a race condition in the status of the administrative HTTP server. This allows remote attackers to bypass access restrictions by connecting to an Aironet AP where the server was disabled ineffectively. The...

10CVSS6.8AI score0.02016EPSS
CVE
CVE
added 2014/03/06 11:0 a.m.64 views

CVE-2014-0704

CVE-2014-0704 affects Cisco Wireless LAN Controller (WLC) IGMP handling. When IGMPv3 Snooping is enabled, a crafted field in an IGMPv3 message can trigger a memory over-read in the IGMP subsystem, causing a DoS via device restart. Affected releases include WLC 4.x, 5.x, 6.x, 7.0 before 7.0.250.0,...

7.1CVSS6.7AI score0.01178EPSS
CVE
CVE
added 2019/04/18 12:45 a.m.62 views

CVE-2019-1799

Cisco Wireless LAN Controller (WLC) Software is affected by CVE-2019-1799 due to improper validation of fields in Inter-Access Point Protocol (IAPP) messages, enabling an unauthenticated adjacent attacker to cause a DoS by forcing a reload. Affected releases include versions prior to 8.2.170.0, 8...

7.4CVSS6.5AI score0.00646EPSS
CVE
CVE
added 2014/03/06 11:0 a.m.60 views

CVE-2014-0706

CVE-2014-0706 affects Cisco Wireless LAN Controller (WLC) devices: 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0. A crafted 802.11 Ethernet frame can be processed in a way that causes a denial of service, resulting in a device restart. Root cause is improper handling of forged/crafted Ether...

7.8CVSS6.8AI score0.0134EPSS
CVE
CVE
added 2014/03/06 11:0 a.m.59 views

CVE-2014-0707

CVE-2014-0707 affects Cisco Wireless LAN Controller (WLC) devices in versions 7.2, 7.3, and 7.4 prior to 7.4.110.0. The vulnerability allows remote attackers to cause a denial of service (device restart) by sending a crafted 802.11 Ethernet frame. Root cause is related to how WLC handles these fr...

7.8CVSS6.8AI score0.0134EPSS
CVE
CVE
added 2017/04/06 6:0 p.m.59 views

CVE-2016-9194

CVE-2016-9194 affects Cisco Wireless LAN Controller (WLC) firmware, where a DoS can be triggered by unauthenticated adjacent attackers via malformed 802.11 WME frames due to incomplete input validation of the WME packet header in 802.11 WME action frame processing. Impact is a WLC reload (DoS). F...

6.5CVSS6.5AI score0.00779EPSS
CVE
CVE
added 2013/02/28 11:0 p.m.58 views

CVE-2013-1141

CVE-2013-1141 affects Cisco Wireless LAN Controller (WLC) devices running software 7.4.1.54 and earlier. The issue is in the mDNS snooping feature where improper buffer handling can be exploited by crafted mDNS packets to trigger a denial of service (device reload) by remote authenticated users. ...

6.1CVSS6.6AI score0.00566EPSS
CVE
CVE
added 2020/09/24 5:51 p.m.57 views

CVE-2020-3559

CVE-2020-3559 affects Cisco Aironet Access Point (AP) Software. The vulnerability arises from improper handling of clients attempting to connect to the AP, allowing an unauthenticated, remote attacker to send authentication requests from multiple clients and cause the affected device to reload, r...

8.6CVSS7.4AI score0.01404EPSS
CVE
CVE
added 2019/04/18 1:0 a.m.56 views

CVE-2019-1800

CVE-2019-1800 affects Cisco Wireless LAN Controller Software: IAPP message handling vulnerabilities allow an unauthenticated adjacent attacker to trigger a DoS by sending crafted IAPP packets. Root cause is improper validation of fields within IAPP messages, and exploitation can cause the WLC to ...

7.4CVSS6.5AI score0.0052EPSS
CVE
CVE
added 2020/09/24 5:51 p.m.56 views

CVE-2020-3552

CVE-2020-3552 affects Cisco Aironet Access Points (APs) with vulnerable Ethernet packet handling. An unauthenticated, adjacent attacker can send a rapid sequence of crafted packets to the Ethernet interface, triggering insufficient input validation and a NULL pointer access that reloads the devic...

7.4CVSS7.4AI score0.00486EPSS
CVE
CVE
added 2013/11/22 5:0 p.m.55 views

CVE-2013-6698

CVE-2013-6698 concerns the web interface of Cisco Wireless LAN Controller (WLC). The vulnerability stems from insufficient restrictions on iframe usage, enabling cross-frame scripting (XFS) and clickjacking-like attacks via a crafted page. Affected component is the WLC web UI; root cause is inade...

4.3CVSS6.7AI score0.00806EPSS
CVE
CVE
added 2015/10/08 8:0 p.m.55 views

CVE-2015-6311

CVE-2015-6311 affects Cisco Wireless LAN Controller (WLC) firmware versions 7.0(240.0), 7.3(101.0), and 7.4(1.19). The root cause is not discarding certain malformed 802.11i management frames from clients, allowing an unauthenticated adjacent attacker to cause a denial-of-service (device outage) ...

6.1CVSS6.9AI score0.00772EPSS
CVE
CVE
added 2013/10/03 10:0 a.m.54 views

CVE-2013-5519

Cisco WLC Web-Based Management Interface XSS (CVE-2013-5519) affects Cisco Wireless LAN Controllers through an XSS flaw in the web UI caused by insufficient input validation of a user-supplied value. An unauthenticated, remote attacker could entice a user to click a crafted URL to execute arbitra...

4.3CVSS5.8AI score0.01161EPSS
CVE
CVE
added 2014/06/08 4:0 p.m.53 views

CVE-2014-3291

Cisco Wireless LAN Controllers are affected by CVE-2014-3291 due to a NULL value in Cisco Discovery Protocol packet data not properly handled during SNMP polling. The vulnerability, described in Cisco's advisory, can be exploited by an unauthenticated, adjacent attacker who convinces a user to pe...

5.7CVSS6.9AI score0.01022EPSS
CVE
CVE
added 2014/03/06 11:0 a.m.51 views

CVE-2014-0705

The CVE-2014-0705 issue affects Cisco Wireless LAN Controllers (WLC) where the MLDv2 Snooping feature, when handling malformed IPv6 MLDv2 packets, can trigger a denial of service (device restart). Affected IOS/WLC versions are 7.2, 7.3, 7.4 prior to 7.4.121.0, and 7.5. Cisco released a security a...

7.1CVSS6.8AI score0.01689EPSS
CVE
CVE
added 2013/11/13 3:0 p.m.49 views

CVE-2013-6684

Cisco WLC CVE-2013-6684 affects the web framework in Cisco Wireless LAN Controllers. The vulnerability stems from improper validation of configuration parameters, enabling remote authenticated users to cause a denial of service via a crafted HTTP request (Bug CSCuh81011). Public exploit code is n...

6.8CVSS6.4AI score0.00925EPSS
CVE
CVE
added 2015/02/19 12:0 a.m.48 views

CVE-2015-0622

The CVE-2015-0622 issue affects Cisco Wireless LAN Controller (WLC) with the Wireless Intrusion Detection (WIDS) module. The vulnerability arises from improper handling when rendering the Signature Events Summary page, which can be triggered by crafted packets sent by a remote attacker to cause a...

7.1CVSS6.9AI score0.0142EPSS
CVE
CVE
added 2016/09/02 12:0 a.m.48 views

CVE-2016-6376

Cisco WLC CVE-2016-6376 affects the Adaptive Wireless Intrusion Prevention System (wIPS) by failing to validate wIPS packets, enabling an unauthenticated, adjacent attacker to trigger a DoS and device restart. Affected firmware ranges include WLCs prior to 8.0.140.0, 8.1.x, 8.2.x prior to 8.2.121...

6.5CVSS6.4AI score0.00927EPSS
CVE
CVE
added 2013/08/30 8:0 p.m.47 views

CVE-2013-3474

CVE-2013-3474 affects Cisco Wireless LAN Controller (WLC) Web Administrator Interface. An authenticated attacker who is a member of Full Manager, Read Only, or Lobby Ambassador groups can cause a DoS (device crash) by submitting a request with a missing or malformed parameter value, triggering th...

6.3CVSS6.5AI score0.01237EPSS
CVE
CVE
added 2017/04/07 5:0 p.m.47 views

CVE-2016-9195

CVE-2016-9195 describes a DoS condition in Cisco Wireless LAN Controller (WLC) due to improper validation in RADIUS Change of Authorization (CoA) request processing. An unauthenticated, remote attacker can disconnect a single WLC client connection by sending a crafted CoA packet. Affected softwar...

5.3CVSS5.6AI score0.02048EPSS
CVE
CVE
added 2015/05/29 3:0 p.m.43 views

CVE-2015-0756

CVE-2015-0756 affects Cisco Wireless LAN Controller (WLC) devices running software 7.4(1.1) and related versions. The vulnerability stems from improper input validation in TCP traffic handling, allowing an unauthenticated, adjacent attacker to send crafted TCP packets to cause a denial-of-service...

6.1CVSS6.8AI score0.00738EPSS
CVE
CVE
added 2013/11/22 5:0 p.m.38 views

CVE-2013-6699

The CVE-2013-6699 entry concerns the CAPWAP implementation in Cisco Wireless LAN Controllers (WLC). A crafted CAPWAP packet can trigger a buffer over-read, allowing remote, unauthenticated attackers to cause a denial-of-service condition. Affected component is CAPWAP handling in the WLC stack; ro...

5CVSS7.1AI score0.01232EPSS