Executive Summary
Summary | |
---|---|
Title | Multiple Vulnerabilities in Cisco Wireless LAN Controllers |
Informations | |||
---|---|---|---|
Name | cisco-sa-20130123-wlc | First vendor Publication | 2013-01-23 |
Vendor | Cisco | Last vendor Modification | 2013-01-23 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Cisco Wireless LAN Controller (Cisco WLC) product family is affected by the following four vulnerabilities: Cisco Wireless LAN Controllers Wireless Intrusion Prevention System (wIPS) Denial of Service Vulnerability Cisco Wireless LAN Controllers Session Initiation Protocol Denial of Service Vulnerability Cisco Wireless LAN Controllers HTTP Profiling Remote Code Execution Vulnerability Cisco Wireless LAN Controllers SNMP Unauthorized Access Vulnerability Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc BEGIN PGP SIGNATURE Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlD/9LgACgkQUddfH3/BbTqd2AEAjfwbSyTP5MOkZpmjQ/7ROsgt cxqqo3ApRtSkrqQ8QIYA/0U7bOtjGo6TyrU8P/XRmTYHUR4pnJzcAY15nULCBXzM =kd2V END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2013-01-31 | IAVM : 2013-A-0022 - Multiple Security Vulnerabilities in Cisco Wireless LAN Controller Severity : Category I - VMSKEY : V0036642 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-09-25 | Name : The remote device is missing a vendor-supplied security update. File : cisco-sa-20130123-wlc.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 10:22:07 |
|
2013-11-11 12:37:31 |
|
2013-02-06 19:08:02 |
|
2013-01-23 21:20:01 |
|