Race Condition Vulnerability in Cisco Wireless LAN Controller Devices
CVE-2014-0703

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Lan Controller Software; Wireless Lan Controller
Vendor: CVE Published:; 6 March 2014

Summary

Multiple Cisco Wireless LAN Controller devices experienced a race condition in the administrative HTTP server's status. This issue allowed remote attackers to bypass access restrictions by connecting to an Aironet access point where the HTTP server had been ineffectively disabled. The vulnerabilities impacted software versions prior to 7.4.110.0, thereby exposing devices to potential unauthorized access and manipulation.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Mar 6, 2014
Vulnerability Reserved
Jan 2, 2014