Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.105416
Category:CISCO
Title:Cisco Wireless LAN Controller Client Disconnection Vulnerability
Summary:A vulnerability in the Web Management GUI of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to trigger client disconnection.
Description:Summary:
A vulnerability in the Web Management GUI of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to trigger client disconnection.

Vulnerability Insight:
The vulnerability is due to a lack of access control to the Cisco WLC Web Management GUI.

Vulnerability Impact:
An attacker could exploit this vulnerability by connecting to the IP address of the Cisco WLC and triggering client disconnections. The attacker must reach the Cisco WLC management IP address on port 80 or port 443 via its wired interface.

Affected Software/OS:
Cisco WLC Software versions 7.4(140.0) and 8.0(120.0) are vulnerable.

Solution:
See vendor advisory for a solution

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-6341
Cisco Security Advisory: 20151016 Cisco Wireless LAN Controller Client Disconnection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-wlc
http://www.securitytracker.com/id/1033871
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.