CVE-2015-0726

The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability : 8.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/viewAlert.x?alertId=38789	Vendor Advisory
http://www.securityfocus.com/bid/74641	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032327	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.98.0:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.98.218:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.116.0:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.220.0:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.0_base:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.1.54:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.100:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.100.60:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.110.0:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.121.0:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.4_base:::::::*
	cpe:2.3:o:cisco:wireless_lan_controller_software:7.6.100.0:::::::*

History

No history.

Information

Published : 2015-05-16 14:59

Updated : 2024-02-04 18:53

NVD link : CVE-2015-0726

Mitre link : CVE-2015-0726

CVE.ORG link : CVE-2015-0726

JSON object : View

Products Affected

cisco

wireless_lan_controller_software

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2015-0726", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-05-16T14:59:02.187", "references": [{"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38789", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/74641", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1032327", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252."}, {"lang": "es", "value": "La interfaz de la administraci\u00f3n web en los dispositivos Cisco Wireless LAN Controller (WLC) anterior a 7.0.241, 7.1.x hasta 7.4.x anterior a 7.4.122, y 7.5.x y 7.6.x anterior a 7.6.120 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo) a trav\u00e9s de par\u00e1metros no especificados, tambi\u00e9n conocido como Bug IDs CSCum65159 y CSCum65252."}], "lastModified": "2021-04-16T17:27:07.230", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.98.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1855D021-7914-4862-B613-97F6664AE33F"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.98.218:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C781609-860B-43A7-9481-93302020B7DD"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.116.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32488710-1C5F-4511-B807-52AA3200E3BC"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.220.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C89ACF8-7D47-48A9-A6B5-C2250D52D624"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.0_base:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B50430F-82F1-42BF-A3BA-733D83BB30B5"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.1.54:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77965501-73AA-4FE7-9EB8-A8131408542A"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CB0B394-5DF5-4972-9463-43F39705DCD2"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.100.60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D90CC27-03B4-4E8A-B7C7-31CF468CE9B1"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.110.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D811122-DAD3-49F7-BF45-EB86A21C66AD"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.121.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "075749B7-8133-44B2-A9F6-8C57C1799088"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4_base:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "490358BD-D4AC-41D9-954E-25D33A1D5545"}, {"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.6.100.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CFFCE42-6068-49F7-A3F7-B3B76BD26AE6"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}