Denial of Service Vulnerability in Cisco Wireless LAN Controllers
CVE-2014-0705

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Lan Controller Software; Wireless Lan Controller
Vendor: CVE Published:; 6 March 2014

Summary

The multicast listener discovery (MLD) service on specific models of Cisco Wireless LAN Controller devices is vulnerable when MLDv2 Snooping is enabled. Attackers can exploit this vulnerability by sending malformed IPv6 MLDv2 packets, potentially causing the device to experience a denial of service by restarting unexpectedly. This issue affects various versions up to and including 7.4 (prior to 7.4.121.0) and 7.5, posing significant risks to network stability and service continuity.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Mar 6, 2014
Vulnerability Reserved
Jan 2, 2014