18 results (0.003 seconds)

CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly validates input on fields within IAPP messages. An attacker could exploit the vulnerability by sending malicious IAPP messages to an affected device. A successful exploit could allow the attacker to cause the Cisco WLC Software to reload, resulting in a DoS condition. Software versions prior to 8.2.170.0, 8.5.150.0, and 8.8.100.0 are affected. • http://www.securityfocus.com/bid/108008 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-iapp • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •

CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly validates input on fields within IAPP messages. An attacker could exploit the vulnerability by sending malicious IAPP messages to an affected device. A successful exploit could allow the attacker to cause the Cisco WLC Software to reload, resulting in a DoS condition. Software versions prior to 8.2.170.0, 8.5.150.0, and 8.8.100.0 are affected. • http://www.securityfocus.com/bid/108008 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-iapp • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •

CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly validates input on fields within IAPP messages. An attacker could exploit the vulnerability by sending malicious IAPP messages to an affected device. A successful exploit could allow the attacker to cause the Cisco WLC Software to reload, resulting in a DoS condition. Software versions prior to 8.2.170.0, 8.5.150.0, and 8.8.100.0 are affected. • http://www.securityfocus.com/bid/108008 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-iapp • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •

CVSS: 5.7EPSS: 0%CPEs: 96EXPL: 0

Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by sending crafted Inter-Access Point Protocol (IAPP) packets and then sending a traffic stream metrics (TSM) information request over SNMP, aka Bug ID CSCuz40221. Dispositivos Cisco Wireless LAN Controller (WLC) en versiones anteriores a 8.0.140.0, 8.1.x y 8.2.x en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores a 8.3.102.0 permiten a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) mediante el envío de paquetes Inter-Access Point Protocol (IAPP) manipulados y después, el envío de peticiones de información de métricas de flujo de tráfico (TSM) a través de SNMP, vulnerabilidad también conocida como Bug ID CSCuz40221. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-wlc-1 http://www.securityfocus.com/bid/92712 http://www.securitytracker.com/id/1036721 • CWE-399: Resource Management Errors •

CVSS: 6.5EPSS: 0%CPEs: 95EXPL: 0

The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device restart) via a malformed wIPS packet, aka Bug ID CSCuz40263. La funcionalidad Adaptive Wireless Intrusion Prevention System (wIPS) en dispositivos Cisco Wireless LAN Controller (WLC) en versiones anteriores a 8.0.140.0, 8.1.x y 8.2.x en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores a 8.3.102.0 permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de un paquete wIPS mal formado, también conocido como Bug ID CSCuz40263. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-wlc-2 http://www.securityfocus.com/bid/92716 http://www.securitytracker.com/id/1036720 • CWE-399: Resource Management Errors •