CVSS: 7.4EPSS: 0%CPEs: 8EXPL: 0CVE-2022-20769 – Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20769
30 Sep 2022 — A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: Thi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 34EXPL: 0CVE-2022-20695 – Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-20695
15 Apr 2022 — A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 8.6EPSS: 0%CPEs: 6EXPL: 0CVE-2020-3273 – Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3273
15 Apr 2020 — A vulnerability in the 802.11 Generic Advertisement Service (GAS) frame processing function of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS). The vulnerability is due to incomplete input validation of the 802.11 GAS frames that are processed by an affected device. An attacker could exploit this vulnerability by sending a crafted 802.11 GAS frame over the air to an access point (AP), a... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-gas-dos-8FsE3AWH • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2020-3262 – Cisco Wireless LAN Controller CAPWAP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3262
15 Apr 2020 — A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected devi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 2%CPEs: 4EXPL: 0CVE-2019-15262 – Cisco Wireless LAN Controller Secure Shell Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-15262
16 Oct 2019 — A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the SSH process is not properly deleted when an SSH connection to the device is disconnected. An attacker could exploit this vulnerability by repeatedly opening SSH connections to an affected device. A successful exploit could allow the attacker to exha... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-wlc-ssh-dos • CWE-20: Improper Input Validation CWE-404: Improper Resource Shutdown or Release •