CVE-2009-0058

The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner.

CVSS v2.0 6.1 MEDIUM

6.1^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 6.5 / Impact : 6.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/33749
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml	Vendor Advisory
http://www.securityfocus.com/bid/33608
http://www.securitytracker.com/id?1021679
http://secunia.com/advisories/33749
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml	Vendor Advisory
http://www.securityfocus.com/bid/33608
http://www.securitytracker.com/id?1021679

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:cisco:4400_wireless_lan_controller:4.1:::::::*
	cpe:2.3:h:cisco:4400_wireless_lan_controller:4.2:::::::*
	cpe:2.3:h:cisco:4400_wireless_lan_controller:5.2:::::::*
	cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.1:::::::*
	cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2:::::::*
	cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:5.2:::::::*
	cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:4.1:::::::*
	cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:4.2:::::::*
	cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:5.2:::::::*
	cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:4.1:::::::*
	cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:4.2:::::::*
	cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:5.2:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:5.2:::::::*

History

21 Nov 2024, 00:58

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/33749 -~~	() http://secunia.com/advisories/33749 -
References	~~() http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml - Vendor Advisory~~	() http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/33608 -~~	() http://www.securityfocus.com/bid/33608 -
References	~~() http://www.securitytracker.com/id?1021679 -~~	() http://www.securitytracker.com/id?1021679 -

Information

Published : 2009-02-05 00:30

Updated : 2025-04-09 00:30

NVD link : CVE-2009-0058

Mitre link : CVE-2009-0058

CVE.ORG link : CVE-2009-0058

JSON object : View

Products Affected

cisco

4400_wireless_lan_controller
catalyst_7600_series_wireless_lan_controller
wireless_lan_controller_software
catalyst_3750_series_integrated_wireless_lan_controller
catalyst_6500_series_integrated_wireless_lan_controller

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2009-0058", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.1, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-02-05T00:30:00.267", "references": [{"url": "http://secunia.com/advisories/33749", "source": "psirt@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}, {"url": "http://www.securityfocus.com/bid/33608", "source": "psirt@cisco.com"}, {"url": "http://www.securitytracker.com/id?1021679", "source": "psirt@cisco.com"}, {"url": "http://secunia.com/advisories/33749", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/33608", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1021679", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner."}, {"lang": "es", "value": "Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), y Cisco Catalyst 3750 Integrated Wireless LAN Controller con software v4.x antes de v4.2.176.0 y v5.x antes de v5.2, permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio de autenticaci\u00f3n web) mediante tr\u00e1fico de red no especificado, como ha demostrado un esc\u00e1ner de vulnerabilidades."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB886E18-A1F0-4A05-AFBF-FFC4FA72373C"}, {"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5561784-ACF8-4CCD-94FA-AAA17AC8363E"}, {"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5830E746-BD5C-43A6-914F-1D8411E235E3"}, {"criteria": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49DECEDD-4D87-455B-BC28-6227ABC49714"}, {"criteria": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D797EE92-8C85-4C83-A96A-DF1922712742"}, {"criteria": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA1C016C-30FA-4F76-883B-12712316F750"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8FFC9F3-8342-4A71-9731-14EF90C8E678"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E82E205F-2FA0-4030-8BC9-D622FCF015BF"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_series_integrated_wireless_lan_controller:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54A95FA8-80E7-4995-ABE8-86326E698017"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBB9B9EF-1ADF-4C04-A9C4-EF87EF999D7E"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C59B5CEE-8756-4A42-B9BA-489CE0DE5AA3"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_series_wireless_lan_controller:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21F21CDB-2DFE-4781-8FC6-DF449FB6FA64"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F3A8DBB-9E82-4428-9034-391F662DFA0B"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC1E1F40-ECB6-42FB-838E-998B1893D5CB"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1511CA9-B471-49D6-9BEE-1BADE6EC61E6"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}

6.1 /10