Cisco Wireless LAN Controller Software contains a vulnerability that could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input to the affected software. An authenticated, remote attacker could exploit the vulnerability by sending crafted HTTP GET requests to the targeted system. When processed, the malicious requests could cause the vulnerable software terminate abnormally, denying service to legitimate users. Functional code that exploits the vulnerability is publicly available. Cisco confirmed the vulnerability in a security bug report; however, software updates are not available. Only users who can authenticate to the affected software could exploit the vulnerability. Affected systems typically have restricted access, limiting the potential for exploitation. A related vulnerability in the affected software could allow an unauthenticated, remote malicious user to exploit the vulnerability. However, the exploit relies upon user interaction, and the targeted user must have authenticated access to the affected system.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco wireless_lan_controller_software 7.2.110.0 |
||
cisco 4100_wireless_lan_controller |
||
cisco 4400_wireless_lan_controller |
||
cisco 5500_wireless_lan_controller - |
||
cisco 7500_wireless_lan_controller - |
||
cisco 2100_wireless_lan_controller |
||
cisco 2000_wireless_lan_controller |
||
cisco 2500_wireless_lan_controller - |
||
cisco 8500_wireless_lan_controller - |
Vulmon