Executive Summary
Summary | |
---|---|
Title | Multiple Vulnerabilities in Cisco Wireless LAN Controllers |
Informations | |||
---|---|---|---|
Name | cisco-sa-20120229-wlc | First vendor Publication | 2012-02-29 |
Vendor | Cisco | Last vendor Modification | 2012-02-29 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Cisco Wireless LAN Controller (WLC) product family is affected by the following vulnerabilities: * Cisco Wireless LAN Controllers HTTP Denial of Service Vulnerability Cisco has released free software updates that address these vulnerabilities. Workarounds are available that mitigate some of these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc Affected Products The Cisco WLC product family is affected by multiple vulnerabilities. Affected versions of Cisco ASA Software vary depending on the specific vulnerability. Vulnerable Products For specific version information, refer to the Software Versions and Fixes section of this advisory. Each of the following products is affected by at least one of the vulnerabilities covered in this Security Advisory: * Cisco 2000 Series WLC Note: The Cisco 2000 Series WLCs, Cisco 4100 Series WLCs, Cisco NM-AIR-WLC, and Cisco 500 Series Wireless Express Mobility Controllers, have reached end-of-software maintenance. The following table includes the end-of-life document URL for each model: +|Model |End of Life Document URL | |--| |Cisco 2000 Series WLC |http://www.cisco.com/en/US/prod/collateral/ | | |wireless/ps6302/ps8322/ps6308/ | | |prod_end-of-life_notice0900aecd805d22b0.html| |--| |Cisco 4100 Series WLC |http://www.cisco.com/en/US/prod/collateral/ | | |wireless/ps6302/ps8322/ps6307/ | | |prod_end-of-life_notice0900aecd803387a9.html| |--| |Cisco NM-AIR-WLC |http://www.cisco.com/en/US/prod/collateral/ | |Modules for ISR |modules/ps2797/ | | |prod_end-of-life_notice0900aecd806aeb34.html| |--| |Cisco 500 Series |http://www.cisco.com/en/US/prod/collateral/ | |Wireless Express |wireless/ps7306/ps7320/ps7339/ | |Mobility Controllers |end_of_life_c51-568040.html | +Determination of Software Versions To determine the WLC version that is running in a given environment, use one of the following methods: * In the web interface, choose the Monitor tab, click |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
75 % | CWE-399 | Resource Management Errors |
25 % | CWE-264 | Permissions, Privileges, and Access Controls |