Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20131113-CVE-2013-6684
HistoryNov 13, 2013 - 5:34 p.m.

Cisco Wireless LAN Controller HTTP Request Denial of Service Vulnerability

2013-11-1317:34:06
tools.cisco.com
16

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

EPSS

0.001

Percentile

41.9%

JSON

A vulnerability in the web framework of the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to create a denial of service (DoS) condition.

The vulnerability is due to improper input validation of configuration parameters. An attacker could exploit this vulnerability by sending a crafted HTTP request to the Cisco WLC.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

To exploit this vulnerability, an attacker would need to authenticate to the targeted device in order to send crafted HTTP requests to the vulnerable system. This access requirement decreases the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Vulners
Node
ciscowireless_lan_controllerMatch4.0
OR
ciscowireless_lan_controllerMatch3.2
OR
ciscowireless_lan_controllerMatch3.1
OR
ciscowireless_lan_controllerMatch4.1
OR
ciscowireless_lan_controllerMatch3.0
OR
ciscowireless_lan_controllerMatch4.2
OR
ciscowireless_lan_controllerMatch5.0
OR
ciscowireless_lan_controllerMatch5.1
OR
ciscowireless_lan_controllerMatch5.2
OR
ciscowireless_lan_controllerMatch6.0
OR
ciscowireless_lan_controllerMatch7.0
OR
ciscowireless_lan_controllerMatch7.1
OR
ciscowireless_lan_controllerMatch7.2
OR
ciscowireless_lan_controllerMatch7.4
OR
ciscowireless_lan_controllerMatch7.3
OR
ciscowireless_lan_controllerMatch4.0.196
OR
ciscowireless_lan_controllerMatch4.0.108
OR
ciscowireless_lan_controllerMatch4.0.155.5
OR
ciscowireless_lan_controllerMatch4.0.179.8
OR
ciscowireless_lan_controllerMatch4.0.179.11
OR
ciscowireless_lan_controllerMatch4.0.155.0
OR
ciscowireless_lan_controllerMatch4.0.206.0
OR
ciscowireless_lan_controllerMatch4.0.217.0
OR
ciscowireless_lan_controllerMatch4.0.219.0
OR
ciscowireless_lan_controllerMatch3.2.78.0
OR
ciscowireless_lan_controllerMatch3.2.116.21
OR
ciscowireless_lan_controllerMatch3.2.150.6
OR
ciscowireless_lan_controllerMatch3.2.150.10
OR
ciscowireless_lan_controllerMatch3.2.171.5
OR
ciscowireless_lan_controllerMatch3.2.171.6
OR
ciscowireless_lan_controllerMatch3.2.185.0
OR
ciscowireless_lan_controllerMatch3.2.195.10
OR
ciscowireless_lan_controllerMatch3.2.193.5
OR
ciscowireless_lan_controllerMatch3.1.105.0
OR
ciscowireless_lan_controllerMatch3.1.59.24
OR
ciscowireless_lan_controllerMatch3.1.111.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch4.1.181.0
OR
ciscowireless_lan_controllerMatch4.1.171.0
OR
ciscowireless_lan_controllerMatch4.1.185.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch4.2.61.0
OR
ciscowireless_lan_controllerMatch4.2.99.0
OR
ciscowireless_lan_controllerMatch4.2.112.0
OR
ciscowireless_lan_controllerMatch4.2.130.0
OR
ciscowireless_lan_controllerMatch4.2.117.0
OR
ciscowireless_lan_controllerMatch4.2.173.0
OR
ciscowireless_lan_controllerMatch4.2.174.0
OR
ciscowireless_lan_controllerMatch4.2.176.0
OR
ciscowireless_lan_controllerMatch4.2.182.0
OR
ciscowireless_lan_controllerMatch5.0.148.0
OR
ciscowireless_lan_controllerMatch5.0.148.2
OR
ciscowireless_lan_controllerMatch5.1.151.0
OR
ciscowireless_lan_controllerMatch5.1.152.0
OR
ciscowireless_lan_controllerMatch5.1.160.0
OR
ciscowireless_lan_controllerMatch5.2.157.0
OR
ciscowireless_lan_controllerMatch5.2.169.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch6.0.182.0
OR
ciscowireless_lan_controllerMatch6.0.188.0
OR
ciscowireless_lan_controllerMatch6.0.196.0
OR
ciscowireless_lan_controllerMatch6.0.199.4
OR
ciscowireless_lan_controllerMatch6.0.202.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch7.0.98.0
OR
ciscowireless_lan_controllerMatch7.0.116.0
OR
ciscowireless_lan_controllerMatch7.0.98.218
OR
ciscowireless_lan_controllerMatch7.0.220.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch7.1.91.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch7.2.103.0
OR
ciscowireless_lan_controllerMatch7.4.100.0
OR
ciscowireless_lan_controllerMatch7.4.100.60
OR
ciscowireless_lan_controllerMatch7.4.110.0
OR
ciscowireless_lan_controllerMatchany
OR
ciscowireless_lan_controllerMatch7.3.101.0
OR
ciscowireless_lan_controllerMatch7.3.112.0
VendorProductVersionCPE
ciscowireless_lan_controller4.0cpe:2.3:h:cisco:wireless_lan_controller:4.0:*:*:*:*:*:*:*
ciscowireless_lan_controller3.2cpe:2.3:h:cisco:wireless_lan_controller:3.2:*:*:*:*:*:*:*
ciscowireless_lan_controller3.1cpe:2.3:h:cisco:wireless_lan_controller:3.1:*:*:*:*:*:*:*
ciscowireless_lan_controller4.1cpe:2.3:h:cisco:wireless_lan_controller:4.1:*:*:*:*:*:*:*
ciscowireless_lan_controller3.0cpe:2.3:h:cisco:wireless_lan_controller:3.0:*:*:*:*:*:*:*
ciscowireless_lan_controller4.2cpe:2.3:h:cisco:wireless_lan_controller:4.2:*:*:*:*:*:*:*
ciscowireless_lan_controller5.0cpe:2.3:h:cisco:wireless_lan_controller:5.0:*:*:*:*:*:*:*
ciscowireless_lan_controller5.1cpe:2.3:h:cisco:wireless_lan_controller:5.1:*:*:*:*:*:*:*
ciscowireless_lan_controller5.2cpe:2.3:h:cisco:wireless_lan_controller:5.2:*:*:*:*:*:*:*
ciscowireless_lan_controller6.0cpe:2.3:h:cisco:wireless_lan_controller:6.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 721

Related

nessus 1
cvelist 1
cve 1
prion 1
nvd 1
nessus
nessus
HTTP DoS Vulnerability in Cisco Wireless LAN Controllers
2013-12-03 00:00:00
cvelist
cvelist
CVE-2013-6684
2013-11-13 15:00:00
cve
cve
CVE-2013-6684
2013-11-13 15:55:04
prion
prion
Design/Logic Flaw
2013-11-13 15:55:00
nvd
nvd
CVE-2013-6684
2013-11-13 15:55:04

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

EPSS

0.001

Percentile

41.9%

JSON
Related for CISCO-SA-20131113-CVE-2013-6684
nessus1cvelist1cve1prion1nvd1