Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2018-0248

Published: 17/04/2019 Updated: 09/10/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
VMScore: 605
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Subscribe to Wireless Lan Controller Software

Vulnerability Summary

A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an aUTHENTICated, remote malicious user to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. The attacker would need to have valid administrator credentials on the device. This vulnerability is due to incomplete input validation for unexpected configuration options that the attacker could submit while accessing the GUI configuration menus. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted user input when using the administrative GUI configuration feature. A successful exploit could allow the malicious user to cause the device to reload, resulting in a DoS condition. Software versions before 8.3.150.0, 8.5.140.0, 8.8.111.0 are affected by this vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco wireless lan controller software

Vendor Advisories

Cisco: Cisco Wireless LAN Controller Software GUI Configuration Denial of Service Vulnerabilities
Multiple vulnerabilities in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device The ...

References

CWE-20https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-guihttp://www.securityfocus.com/bid/108009https://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-gui
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook