Vulnerability CVE-2012-0371


Published: 2012-02-29   Modified: 2012-03-01

Description:
Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Cisco -> 2000 wireless lan controller 
Cisco -> 2100 wireless lan controller 
Cisco -> 2106 wireless lan controller 
Cisco -> 2112 wireless lan controller 
Cisco -> 2125 wireless lan controller 
Cisco -> 2500 wireless lan controller 
Cisco -> 2504 wireless lan controller 
Cisco -> 4100 wireless lan controller 
Cisco -> 4400 wireless lan controller 
Cisco -> 4402 wireless lan controller 
Cisco -> 4404 wireless lan controller 
Cisco -> 5508 wireless controller 
Cisco -> Wireless lan controller software 

 References:
http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc

Copyright 2024, cxsecurity.com

 

Back to Top