The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Cisco Wireless LAN Controller

computer vulnerability announce CVE-2017-12280

Cisco Wireless LAN Controller: denial of service via CAPWAP

Synthesis of the vulnerability

An attacker can send malicious CAPWAP packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.
Impacted products: Cisco Wireless Controller.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 02/11/2017.
Identifiers: CERTFR-2017-AVI-389, cisco-sa-20171101-wlc3, CSCvb95842, CVE-2017-12280, VIGILANCE-VUL-24287.

Description of the vulnerability

An attacker can send malicious CAPWAP packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.

computer vulnerability alert CVE-2017-12282

Cisco Wireless LAN Controller: denial of service via ANQP

Synthesis of the vulnerability

An attacker can send malicious ANQP packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.
Impacted products: Cisco Wireless Controller.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: radio connection.
Creation date: 02/11/2017.
Identifiers: CERTFR-2017-AVI-389, cisco-sa-20171101-wlc4, CSCve05779, CVE-2017-12282, VIGILANCE-VUL-24286.

Description of the vulnerability

An attacker can send malicious ANQP packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.

vulnerability announce CVE-2017-12278

Cisco Wireless LAN Controller: denial of service via SNMP

Synthesis of the vulnerability

An attacker can send malicious SNMP packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.
Impacted products: Cisco Wireless Controller.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 02/11/2017.
Identifiers: CERTFR-2017-AVI-389, cisco-sa-20171101-wlc1, CSCvc71674, CVE-2017-12278, VIGILANCE-VUL-24282.

Description of the vulnerability

An attacker can send malicious SNMP packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.

vulnerability alert CVE-2017-12275

Cisco Wireless LAN Controller: denial of service via 802.11v BSS Transition Management Response

Synthesis of the vulnerability

An attacker can send malicious 802.11v BSS Transition Management Response packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.
Impacted products: Cisco Wireless Controller.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: radio connection.
Creation date: 02/11/2017.
Identifiers: CERTFR-2017-AVI-389, cisco-sa-20171101-wlc2, CSCvb57803, CVE-2017-12275, VIGILANCE-VUL-24281.

Description of the vulnerability

An attacker can send malicious 802.11v BSS Transition Management Response packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.

vulnerability note CVE-2016-9195

Cisco Wireless LAN Controller: denial of service via RADIUS CoA

Synthesis of the vulnerability

An attacker can send malicious RADIUS CoA packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.
Impacted products: Cisco Wireless Controller.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 06/04/2017.
Identifiers: cisco-sa-20170405-wlc1, CVE-2016-9195, VIGILANCE-VUL-22364.

Description of the vulnerability

The Cisco Wireless LAN Controller product includes a RADIUS service.

However, when malicious RADIUS CoA packets are received, a fatal error occurs.

An attacker can therefore send malicious RADIUS CoA packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.

computer vulnerability note CVE-2017-3832

Cisco Wireless LAN Controller: denial of service via Management GUI

Synthesis of the vulnerability

An attacker can generate a fatal error via the Management GUI of Cisco Wireless LAN Controller, in order to trigger a denial of service.
Impacted products: Cisco Wireless Controller.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 06/04/2017.
Identifiers: CERTFR-2017-AVI-103, cisco-sa-20170405-wlc3, CSCvb48198, CVE-2017-3832, VIGILANCE-VUL-22349.

Description of the vulnerability

An attacker can generate a fatal error via the Management GUI of Cisco Wireless LAN Controller, in order to trigger a denial of service.

computer vulnerability bulletin CVE-2016-9219

Cisco Wireless LAN Controller: denial of service via IPv6 UDP

Synthesis of the vulnerability

An attacker can send malicious IPv6 UDP packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.
Impacted products: Cisco Wireless Controller.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 06/04/2017.
Identifiers: CERTFR-2017-AVI-103, cisco-sa-20170405-wlc2, CSCva98592, CVE-2016-9219, VIGILANCE-VUL-22348.

Description of the vulnerability

An attacker can send malicious IPv6 UDP packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.

computer vulnerability announce CVE-2016-9194

Cisco Wireless LAN Controller: denial of service via WME

Synthesis of the vulnerability

An attacker can send malicious WME packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.
Impacted products: Cisco Wireless Controller.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: radio connection.
Creation date: 06/04/2017.
Identifiers: CERTFR-2017-AVI-103, cisco-sa-20170405-wlc, CSCva86353, CVE-2016-9194, VIGILANCE-VUL-22347.

Description of the vulnerability

An attacker can send malicious WME packets to Cisco Wireless LAN Controller, in order to trigger a denial of service.

computer vulnerability CVE-2017-3854

Cisco WLC: privilege escalation via Meshed Topology

Synthesis of the vulnerability

An attacker can bypass restrictions via the Meshed Topology of Cisco WLC, in order to escalate privileges.
Impacted products: Cisco Wireless Controller.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights.
Provenance: radio connection.
Creation date: 15/03/2017.
Identifiers: CERTFR-2017-AVI-084, cisco-sa-20170315-wlc-mesh, CSCuc98992, CSCuu14804, CVE-2017-3854, VIGILANCE-VUL-22145.

Description of the vulnerability

An attacker can bypass restrictions via the Meshed Topology of Cisco WLC, in order to escalate privileges.

vulnerability alert CVE-2017-3733

OpenSSL: denial of service via the "Encrypt-Then-Mac" option

Synthesis of the vulnerability

An attacker can change the state of the "Encrypt-Then-Mac" TLS option in a renegotiation with a server or client based on OpenSSL, in order to trigger a denial of service.
Impacted products: Cisco ASR, Cisco ATA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Router, Cisco CUCM, Cisco Manager Attendant Console, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, HP Operations, IRAD, Tivoli Storage Manager, OpenSSL, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle Identity Management, Oracle iPlanet Web Server, Tuxedo, VirtualBox, WebLogic, Oracle Web Tier.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 16/02/2017.
Identifiers: 2003480, 2003620, 2003673, 2004940, CERTFR-2017-AVI-035, cisco-sa-20170130-openssl, cpuapr2019, cpujan2018, cpuoct2017, CVE-2017-3733, HPESBGN03728, VIGILANCE-VUL-21871.

Description of the vulnerability

OpenSSL supports renegotiation of TLS options and parameters during a session.

However, for some combinations of algorithms, inverting the state of the "Encrypt-Then-Mac" option during renegotiation generates a fatal error.

An attacker can therefore change the state of the "Encrypt-Then-Mac" TLS option in a renegotiation with a server or client based on OpenSSL, in order to trigger a denial of service.