CVSS: 7.4EPSS: 0%CPEs: 8EXPL: 0CVE-2022-20769 – Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20769
30 Sep 2022 — A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: Thi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB • CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 6EXPL: 0CVE-2020-3273 – Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3273
15 Apr 2020 — A vulnerability in the 802.11 Generic Advertisement Service (GAS) frame processing function of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS). The vulnerability is due to incomplete input validation of the 802.11 GAS frames that are processed by an affected device. An attacker could exploit this vulnerability by sending a crafted 802.11 GAS frame over the air to an access point (AP), a... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-gas-dos-8FsE3AWH • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2020-3262 – Cisco Wireless LAN Controller CAPWAP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3262
15 Apr 2020 — A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected devi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 2%CPEs: 4EXPL: 0CVE-2019-15262 – Cisco Wireless LAN Controller Secure Shell Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-15262
16 Oct 2019 — A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the SSH process is not properly deleted when an SSH connection to the device is disconnected. An attacker could exploit this vulnerability by repeatedly opening SSH connections to an affected device. A successful exploit could allow the attacker to exha... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-wlc-ssh-dos • CWE-20: Improper Input Validation CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.2EPSS: 0%CPEs: 211EXPL: 0CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
13 May 2019 — A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot har... • http://www.securityfocus.com/bid/108350 • CWE-284: Improper Access Control CWE-667: Improper Locking •
CVSS: 8.8EPSS: 1%CPEs: 16EXPL: 0CVE-2017-3854
https://notcve.org/view.php?id=CVE-2017-3854
15 Mar 2017 — A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control... • http://www.securityfocus.com/bid/96911 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0CVE-2012-0368
https://notcve.org/view.php?id=CVE-2012-0368
01 Mar 2012 — The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997. El interface de gestión administrativa en dispositivos Cisco Wireless LAN Controller (WLC) con software v4.x, v5.x, v6.0, y v7.0 anterior a v7.0.220.0, v7.1 anteriores a v7.1.91.0, y v7.2 anter... • http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2012-0369
https://notcve.org/view.php?id=CVE-2012-0369
01 Mar 2012 — Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949. Dispositivos Cisco Wireless LAN Controller (WLC) con software v6.0 y v7.0 anteriores a v7.0.220.0, 7.1 anteriores a v7.1.91.0, y v7.2 anteriores a v7.2.103.0 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través... • http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0CVE-2012-0370
https://notcve.org/view.php?id=CVE-2012-0370
01 Mar 2012 — Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435. Dispositivos Cisco Wireless LAN Controller (WLC) con software 4v.x, v5.x, v6.0, y v7.0 anteriores a v7.0.220.0 y 7.1 anteriores a v7.1.91.0, cuando está activado WebAuth, permite a atacantes remotos provocar una denegación d... • http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 0%CPEs: 56EXPL: 0CVE-2012-0371
https://notcve.org/view.php?id=CVE-2012-0371
01 Mar 2012 — Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709. Dispositivos Cisco Wireless LAN Controller (WLC) son software v4.x, v5.x, v6.0, y 7.0 anteriores a v7.0.220.4, cuando está activada la opción CPU-based ACLs, permite a atacantes remotos leer y modificar la configuración a través de vectores no especificados, también conoci... • http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html • CWE-264: Permissions, Privileges, and Access Controls •