Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20151016-WLC
HistoryOct 16, 2015 - 7:51 p.m.

Cisco Wireless LAN Controller Client Disconnection Vulnerability

2015-10-1619:51:00
tools.cisco.com
18

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.001

Percentile

47.1%

JSON

A vulnerability in the Web Management GUI of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to trigger client disconnection.

The vulnerability is due to a lack of access control to the Cisco WLC Web Management GUI. An attacker could exploit this vulnerability by connecting to the IP address of the Cisco WLC and triggering client disconnections. The attacker must reach the Cisco WLC management IP address on port 80 or port 443 via its wired interface.

Cisco has not released software updates that address this vulnerability. A workaround that mitigates this vulnerability is available. This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-wlc[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-wlc”]

Affected configurations

Vulners
Node
ciscowireless_lan_controllerMatch7.4
OR
ciscowireless_lan_controllerMatch8.0
OR
ciscowireless_lan_controllerMatch7.4.140.0
OR
ciscowireless_lan_controllerMatch8.0.120.0
VendorProductVersionCPE
ciscowireless_lan_controller7.4cpe:2.3:h:cisco:wireless_lan_controller:7.4:*:*:*:*:*:*:*
ciscowireless_lan_controller8.0cpe:2.3:h:cisco:wireless_lan_controller:8.0:*:*:*:*:*:*:*
ciscowireless_lan_controller7.4.140.0cpe:2.3:h:cisco:wireless_lan_controller:7.4.140.0:*:*:*:*:*:*:*
ciscowireless_lan_controller8.0.120.0cpe:2.3:h:cisco:wireless_lan_controller:8.0.120.0:*:*:*:*:*:*:*

Related

openvas 1
nessus 1
cve 1
cvelist 1
prion 1
nvd 1
openvas
openvas
Cisco Wireless LAN Controller Client Disconnection Vulnerability
2015-10-21 00:00:00
nessus
nessus
Cisco Wireless LAN Controller Client Disconnection DoS
2016-01-22 00:00:00
cve
cve
CVE-2015-6341
2015-10-25 02:59:11
cvelist
cvelist
CVE-2015-6341
2015-10-25 01:00:00
prion
prion
Information disclosure
2015-10-25 02:59:00
nvd
nvd
CVE-2015-6341
2015-10-25 02:59:11

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.001

Percentile

47.1%

JSON
Related for CISCO-SA-20151016-WLC
openvas1nessus1cve1cvelist1prion1nvd1