
Multiple Vulnerabilities in Cisco Wireless LAN Controllers

cisco-sa-20130123-wlc · Critical · Published · Updated

The Cisco Wireless LAN Controller (Cisco WLC) product family is affected by the following four vulnerabilities:

Cisco Wireless LAN Controllers Wireless Intrusion Prevention System (wIPS) Denial of Service Vulnerability
Cisco Wireless LAN Controllers Session Initiation Protocol Denial of Service Vulnerability
Cisco Wireless LAN Controllers HTTP Profiling Remote Code Execution Vulnerability
Cisco Wireless LAN Controllers SNMP Unauthorized Access Vulnerability

Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc

Workarounds

The following section contains information about a workaround, if available, for each vulnerability described in this security advisory.

Cisco Wireless LAN Controllers Wireless Intrusion Prevention System (wIPS) Denial of Service Vulnerability

There are no workarounds to mitigate this vulnerability besides disabling wIPS features in the Cisco WLC.

Cisco Wireless LAN Controllers Session Initiation Protocol Denial of Service Vulnerability

There are no workarounds to mitigate this vulnerability.

Cisco Wireless LAN Controllers HTTP Profiling Remote Code Execution Vulnerability

There are no workarounds to mitigate this vulnerability besides disabling the HTTP Profiling feature in the Cisco WLC.

Cisco Wireless LAN Controllers SNMP Unauthorized Access Vulnerability

CPU-based Access Control Lists (ACLs) can be configured to restrict SNMP access to the affected WLC. After ACLs are defined, they can be applied to the management interface, to the access point manager (AP-manager) interface, to any of the dynamic interfaces for client data traffic, or to the Network Processing Unit (NPU) interface for traffic to the controller CPU.
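One way to express this SNMP restriction as a CPU ACL on the WLC (AireOS) command line, added here as an illustration and not taken from the Cisco advisory. The ACL name SNMP-RESTRICT and the management-station address 192.0.2.10 are placeholders, and the lines beginning with "!" are annotations for the reader, not commands to enter.

```text
! Assumed values: ACL name SNMP-RESTRICT, SNMP manager at 192.0.2.10.
config acl create SNMP-RESTRICT

! Rule 1: permit SNMP (UDP, IP protocol 17, destination port 161)
! from the one authorized management station.
config acl rule add SNMP-RESTRICT 1
config acl rule action SNMP-RESTRICT 1 permit
config acl rule direction SNMP-RESTRICT 1 any
config acl rule protocol SNMP-RESTRICT 1 17
config acl rule source address SNMP-RESTRICT 1 192.0.2.10 255.255.255.255
config acl rule destination port range SNMP-RESTRICT 1 161 161

! Rule 2: deny SNMP from every other source.
config acl rule add SNMP-RESTRICT 2
config acl rule action SNMP-RESTRICT 2 deny
config acl rule direction SNMP-RESTRICT 2 any
config acl rule protocol SNMP-RESTRICT 2 17
config acl rule destination port range SNMP-RESTRICT 2 161 161

! Rule 3: permit all remaining traffic. An ACL ends with an implicit
! deny, so without this rule the CPU ACL would also drop other traffic
! addressed to the controller, such as management sessions and
! access point control traffic.
config acl rule add SNMP-RESTRICT 3
config acl rule action SNMP-RESTRICT 3 permit
config acl rule direction SNMP-RESTRICT 3 any

! Commit the ACL, then bind it to traffic destined for the controller
! CPU arriving from both the wired and the wireless side.
config acl apply SNMP-RESTRICT
config acl cpu SNMP-RESTRICT both

! Confirm the rule order and that the CPU ACL is active.
show acl detailed SNMP-RESTRICT
show acl cpu
```

Apply a CPU ACL from a console session or during a maintenance window, because a mistake in the rule order can cut off remote management of the controller.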

CVEs: CVE-2013-1102, CVE-2013-1103, CVE-2013-1104, CVE-2013-1105
Cisco Bug IDs: CSCts87659, CSCtx80743, CSCua60653, CSCuc15636
CVSS Score: Base 7.8
Base 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
Base 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C
Product Names From Source:
Cisco Wireless LAN Controller (WLC) Base, Cisco Wireless LAN Controller (WLC) 7.0.98.0, Cisco Wireless LAN Controller (WLC) 7.0.116.0, Cisco Wireless LAN Controller (WLC) 7.0.98.218, Cisco Wireless LAN Controller (WLC) 7.0.220.0, Cisco Wireless LAN Controller (WLC) 7.1.91.0, Cisco Wireless LAN Controller (WLC) 7.2.103.0, Cisco Wireless LAN Controller (WLC) 7.3.101.0, Cisco Wireless LAN Controller (WLC)

Related Products

Product                                CVE              Evidence
Cisco RV Series Routers                CVE-2013-1105    Cisco OpenVuln
Cisco RV Series Routers                CVE-2013-1104    Cisco OpenVuln
Cisco RV Series Routers                CVE-2013-1103    Cisco OpenVuln
Cisco RV Series Routers                CVE-2013-1102    Cisco OpenVuln
Cisco Nexus Dashboard                  CVE-2013-1105    Cisco OpenVuln
Cisco Nexus Dashboard                  CVE-2013-1104    Cisco OpenVuln
Cisco Nexus Dashboard                  CVE-2013-1103    Cisco OpenVuln
Cisco Nexus Dashboard                  CVE-2013-1102    Cisco OpenVuln
Cisco Wireless LAN Controller (WLC)    CVE-2013-1105    Cisco OpenVuln
Cisco Wireless LAN Controller (WLC)    CVE-2013-1104    Cisco OpenVuln
Cisco Wireless LAN Controller (WLC)    CVE-2013-1103    Cisco OpenVuln
Cisco Wireless LAN Controller (WLC)    CVE-2013-1102    Cisco OpenVuln