CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9195
https://notcve.org/view.php?id=CVE-2016-9195
A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by disconnecting a single connection. This vulnerability affects Cisco Wireless LAN Controller running software release 8.3.102.0. More Information: CSCvb01835. Known Fixed Releases: 8.4(1.49) 8.3(111.0) 8.3(108.0) 8.3(104.24) 8.3(102.3). "Una vulnerabilidad en RADIUS Change of Authorization (CoA) proceso de solicitud en el Cisco Wireless LAN Controller (WLC) podría permitir a un atacante remoto no autenticado provocar una denegación de servicio (DoS) desconectando una sola conexión. • http://www.securityfocus.com/bid/97425 http://www.securitytracker.com/id/1038188 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-wlc1 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3832
https://notcve.org/view.php?id=CVE-2017-3832
A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a missing internal handler for the specific request. An attacker could exploit this vulnerability by accessing a specific hidden URL on the GUI web management interface. A successful exploit could allow the attacker to cause a reload of the device, resulting in a DoS condition. This vulnerability affects only the Cisco Wireless LAN Controller 8.3.102.0 release. • http://www.securityfocus.com/bid/97421 http://www.securitytracker.com/id/1038184 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-wlc3 • CWE-264: Permissions, Privileges, and Access Controls CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-9219
https://notcve.org/view.php?id=CVE-2016-9219
A vulnerability with IPv6 UDP ingress packet processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device. The vulnerability is due to incomplete IPv6 UDP header validation. An attacker could exploit this vulnerability by sending a crafted IPv6 UDP packet to a specific port on the targeted device. An exploit could allow the attacker to impact the availability of the device as it could unexpectedly reload. This vulnerability affects Cisco Wireless LAN Controller (WLC) running software version 8.2.121.0 or 8.3.102.0. • http://www.securityfocus.com/bid/97423 http://www.securitytracker.com/id/1038183 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-wlc2 • CWE-20: Improper Input Validation •