Lucene search

MitreCVE-2007-2041

HistoryApr 16, 2007 - 9:19 p.m.

CVE-2007-2041

2007-04-1621:19:00

mitre

web.nvd.nist.gov

cisco

wlc

wlan

acl

configuration

vulnerability

checksum

bypass

access restrictions

bug id cscse58195

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.021

Percentile

89.4%

JSON

Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195.

Affected configurations

Nvd

Node

cisco2100_wireless_lan_controller

cisco4400_wireless_lan_controller

VendorProductVersionCPE
cisco2100_wireless_lan_controller*cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*
cisco4400_wireless_lan_controller*cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	2100_wireless_lan_controller	*	cpe:2.3:h:cisco:2100_wireless_lan_controller::::::::
cisco	4400_wireless_lan_controller	*	cpe:2.3:h:cisco:4400_wireless_lan_controller::::::::

References

securitytracker.com/id?1017908

www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtml

www.osvdb.org/34138

www.securityfocus.com/bid/23461

www.vupen.com/english/advisories/2007/1368

exchange.xforce.ibmcloud.com/vulnerabilities/33611

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.021

Percentile

89.4%

JSON

Related for CVE-2007-2041