Lucene search

CiscoCVE-2013-3474

HistoryAug 30, 2013 - 8:55 p.m.

CVE-2013-3474

2013-08-3020:55:08

CWE-119

cisco

web.nvd.nist.gov

cisco

wlc

web administrator interface

cve-2013-3474

denial of service

vulnerability

nvd

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

AI Score

6.5

Confidence

Low

EPSS

0.004

Percentile

73.2%

JSON

The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authenticated users to cause a denial of service (device crash) by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request that (1) lacks a parameter value or (2) contains a malformed parameter value, aka Bug IDs CSCuh14313, CSCuh14159, CSCuh14368, and CSCuh14436.

Affected configurations

Nvd

Node

ciscowireless_lan_controller

VendorProductVersionCPE
ciscowireless_lan_controller*cpe:2.3:h:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	wireless_lan_controller	*	cpe:2.3:h:cisco:wireless_lan_controller::::::::

References

osvdb.org/96763

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3474

www.securityfocus.com/bid/62084

www.securitytracker.com/id/1028970

exchange.xforce.ibmcloud.com/vulnerabilities/86811

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

AI Score

6.5

Confidence

Low

EPSS

0.004

Percentile

73.2%

JSON

Related for CVE-2013-3474