Cisco Wireless LAN Controller Software contains a vulnerability that could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input to the affected software. An authenticated, remote attacker could exploit the vulnerability by sending crafted HTTP GET requests to the targeted system. When processed, the malicious requests could cause the vulnerable software terminate abnormally, denying service to legitimate users. Functional code that exploits the vulnerability is publicly available. Cisco confirmed the vulnerability in a security bug report; however, software updates are not available. Only users who can authenticate to the affected software could exploit the vulnerability. Affected systems typically have restricted access, limiting the potential for exploitation. A related vulnerability in the affected software could allow an unauthenticated, remote malicious user to exploit the vulnerability. However, the exploit relies upon user interaction, and the targeted user must have authenticated access to the affected system.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco wireless lan controller software 7.2.110.0 |
||
cisco 2000 wireless lan controller |
||
cisco 2100 wireless lan controller |
||
cisco 2500 wireless lan controller - |
||
cisco 4100 wireless lan controller |
||
cisco 4400 wireless lan controller |
||
cisco 5500 wireless lan controller - |
||
cisco 7500 wireless lan controller - |
||
cisco 8500 wireless lan controller - |
Vulmon