A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote malicious user to cause the device to unexpectedly restart, which causes a denial of service (DoS) condition. The attacker would need to have valid administrator credentials. The vulnerability is due to incorrect input validation of the HTTP URL used to establish a connection to the LSC Certificate Authority (CA). An attacker could exploit this vulnerability by authenticating to the targeted device and configuring a LSC certificate. An exploit could allow the malicious user to cause a DoS condition due to an unexpected restart of the device.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco wireless lan controller software |
Vulmon