Wireless Lan Controller Software Security Vulnerabilities and Issues — Wireless Lan Controller Software CVE List

Lucene search

CiscoWireless Lan Controller Software

7 matches found

CVE•added 2018/10/17 7:29 p.m.•67 views

CVE-2018-0388

A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validat...

4.8CVSS5AI score0.00355EPSS

CVE•added 2018/10/17 10:29 p.m.•62 views

CVE-2018-0442

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. The vuln...

7.5CVSS7.4AI score0.01507EPSS

CVE•added 2018/10/17 10:29 p.m.•61 views

CVE-2018-0417

A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI. The vulnerability is due to incorrect parsing of a specific T...

7.8CVSS7.8AI score0.00485EPSS

CVE•added 2018/10/17 7:29 p.m.•60 views

CVE-2018-0416

A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms...

5.3CVSS5.2AI score0.00341EPSS

CVE•added 2018/10/17 10:29 p.m.•55 views

CVE-2018-0443

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper input validation o...

8.6CVSS7.7AI score0.01226EPSS

CVE•added 2018/10/17 8:29 p.m.•43 views

CVE-2018-15395

A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. Under normal circumstances, this access should be prohibited. The vulnerabil...

5.4CVSS5.5AI score0.00121EPSS

CVE•added 2018/10/17 10:29 p.m.•32 views

CVE-2018-0420

A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames and pathnames. An att...

6.5CVSS6.3AI score0.03147EPSS