CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6302
https://notcve.org/view.php?id=CVE-2015-6302
25 Sep 2015 — The RADIUS functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.0(250.0) and 7.0(252.0) allows remote attackers to disconnect arbitrary sessions via crafted Disconnect-Request UDP packets, aka Bug ID CSCuw29419. Vulnerabilidad en la funcionalidad RADIUS en dispositivos Cisco Wireless LAN Controller (WLC) con software 7.0(250.0) y 7.0(252.0), permite a atacantes remotos desconectar sesiones arbitrariamente a través de paquetes UDP Disconnect-Request manipulados, también conocida como ... • http://tools.cisco.com/security/center/viewAlert.x?alertId=41102 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4224
https://notcve.org/view.php?id=CVE-2015-4224
26 Jun 2015 — Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474. Los dispositivos Cisco Wireless LAN Controller (WLC) con software 7.0(240.0) permiten a usuarios locales ejecutar comandos del sistema operativo arbitrarios en un contexto privilegiado a través de comandos CLI manipulados, también conocido como Bug ID CSCuj39474. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39517 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4215
https://notcve.org/view.php?id=CVE-2015-4215
24 Jun 2015 — Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote attackers to cause a denial of service (device crash) by triggering an exception during attempted forwarding of unspecified IPv6 packets to a non-IPv6 device, aka Bug ID CSCuj01046. Los dispositivos Cisco Wireless LAN Controller (WLC) con software 7.5(102.0) y 7.6(1.62) permiten a atacantes remotos causar una denegación de servicio (caída de dispositivo) mediante la provocación de una excepción durante el intento... • http://tools.cisco.com/security/center/viewAlert.x?alertId=39472 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2015-0726
https://notcve.org/view.php?id=CVE-2015-0726
16 May 2015 — The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252. La interfaz de la administración web en los dispositivos Cisco Wireless LAN Controller (WLC) anterior a 7.0.241, 7.1.x hasta 7.4.x anterior a 7.4.122, y 7.5.x y 7.6.x anterior a 7.6.120 permite a usua... • http://tools.cisco.com/security/center/viewAlert.x?alertId=38789 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-0723
https://notcve.org/view.php?id=CVE-2015-0723
16 May 2015 — The wireless web-authentication subsystem on Cisco Wireless LAN Controller (WLC) devices 7.5.x and 7.6.x before 7.6.120 allows remote attackers to cause a denial of service (process crash and device restart) via a crafted value, aka Bug ID CSCum03269. El subsistema de la autenticación web inalámbrico en los dispositivos Cisco Wireless LAN Controller (WLC) 7.5.x y 7.6.x anterior a 7.6.120 permite a atacantes remotos causar una denegación de servicio (caída de proceso y reinicio de dispositivo) a través de un... • http://tools.cisco.com/security/center/viewAlert.x?alertId=38749 • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2015-0690
https://notcve.org/view.php?id=CVE-2015-0690
07 Apr 2015 — Cross-site scripting (XSS) vulnerability in the HTML help system on Cisco Wireless LAN Controller (WLC) devices before 8.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCun95178. Vulnerabilidad de XSS en el sistema de ayuda de HTML en los dispositivos Cisco Wireless LAN Controller (WLC) anterior a 8.0 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de una URL manipulada, también conocido como Bug ID CSCun95178. • http://tools.cisco.com/security/center/viewAlert.x?alertId=38222 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0679
https://notcve.org/view.php?id=CVE-2015-0679
28 Mar 2015 — The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980. La funcionalidad web-authentication en los dispositivos Cisco Wireless LAN Controller (WLC) 7.3(103.8) y 7.4(110.0) permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de una contraseña malformada, también conocido como Bug ID CSCui57980. • http://tools.cisco.com/security/center/viewAlert.x?alertId=38076 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2014-0701
https://notcve.org/view.php?id=CVE-2014-0701
06 Mar 2014 — Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service (reboot) by sending WebAuth login requests at a high rate, aka Bug ID CSCuf52361. Los dispositivos de Cisco Wireless LAN Controller (WLC) 7.0 anterior a 7.0.250.0, 7.2, 7.3 y 7.4 anterior a 7.4.110.0 no desasignan debidamente memoria, lo que permite a atacantes remotos causar una denegación de servicio (reinicio) me... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2014-0703
https://notcve.org/view.php?id=CVE-2014-0703
06 Mar 2014 — Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers to bypass intended access restrictions by connecting to an Aironet access point on which this server had been disabled ineffectively, aka Bug ID CSCuf66202. Los dispositivos de Cisco Wireless LAN Controller (WLC) 7.4 anterior a 7.4.110.0 distribuyen software Aironet IOS con una condición de carrera en el estado d... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 54EXPL: 0CVE-2014-0704
https://notcve.org/view.php?id=CVE-2014-0704
06 Mar 2014 — The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a denial of service (memory over-read and device restart) via a crafted field in an IGMPv3 message, aka Bug ID CSCuh33240. La implementación IGMP en los dispositivos de Cisco Wireless LAN Controller (WLC) 4.x, 5.x, 6.x, 7.0 anterior a 7.0.250.0, 7.1, 7.2 y 7.3, cuando IGMPv3 Snooping está habilitado, permite a atacant... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc • CWE-399: Resource Management Errors •