Denial of Service Vulnerability in Cisco Wireless LAN Controllers
CVE-2012-0370

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Lan Controller Software; 2000 Wireless Lan Controller; 2100 Wireless Lan Controller; 2106 Wireless Lan Controller
Vendor: CVE Published:; 1 March 2012

Summary

This vulnerability affects Cisco Wireless LAN Controllers when WebAuth is enabled. Remote attackers can exploit the vulnerability by sending a carefully crafted sequence of HTTP or HTTPS packets, leading to a denial of service condition that causes the device to reload. The affected software versions include 4.x, 5.x, and 6.0, as well as versions 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0. It is essential to apply the necessary updates to mitigate this vulnerability.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://archives.neohapsis.com/archives/bugtraq/2012-02/01...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Mar 1, 2012
Vulnerability Reserved
Jan 4, 2012