what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Cisco Security Advisory 20160420-wlc

Cisco Security Advisory 20160420-wlc
Posted Apr 20, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the presence of unsupported URLs in the web-based device management interface provided by the affected software. An attacker could exploit this vulnerability by attempting to access a URL that is not generally accessible from and supported by the management interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, web, denial of service
systems | cisco
SHA-256 | cc7c61582a3a61aaedc912d02cc2f5089a42bb405fe4aade132697a4c20e10f6

Cisco Security Advisory 20160420-wlc

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability

Advisory ID: cisco-sa-20160420-wlc

Revision 1.0

For Public Release 2016 April 20 16:00 GMT (UTC)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to the presence of unsupported URLs in the web-based device management interface provided by the affected software. An attacker could exploit this vulnerability by attempting to access a URL that is not generally accessible from and supported by the management interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJXF4vBAAoJEK89gD3EAJB5DyEQAOZXYD8FI8cLQMVasgCJ2rv5
K8kiwYTZ6RQj0PgdeTk4Ed6UMbi0iT0XYt8E8lo73TNCEm9mqN9nPCXX0Kxsa/06
+aK1yDgB+wxbbrvQ+JNDO6GHWzcjB98giv6lVN8dTDzO8nEP12q1EvV7xKREc7Tz
AJ2xTEOWgpTPEwDG0NxA5ihsxjtPRj52w1m0uxJladV1VFlvfGqmiA2NK7PdRUjz
+5FpbVNG/fBzJCkjQQPjyZViYsAPaeRQnQMfIUov6D7Ta0RYWe+qlSwjmfElR8Pb
BdeACjVsCEZ+YLrQgsyBXZ4MVf8+CL4VdC4M4vrRnxWqVatqdUqNVlsGrovyuVDh
PijWM0pmS/yk12M4KIpjPzPlwJbC9vs4s7qaJXaP+94YvtJwzGAuT9LrWohMExfJ
kQmmCn+Cy/TpX4qMzbN0i5+n+at9KPqHRdSHlnqCTY8eQkxOhY3vt6fbl1z5JkMh
vvq3C9nXC6cQ/Jat36MmXRI3Ky++CzZ1od9joRb1kRAijlM7ZF9hjC0cqsWNX9O1
4XXo4wZ/VaJRUWmSHTMsjY2Yk8ccq1bq8agkOQm+sSBvn36LVrjKpC7ZZEIavnwt
w9A+xLOoVMffa8QiUnLzKu9YuztfHmpWt9wsalhBwaAxeXtxNKKh8GUUtucDo6m0
fclgfYYNyMiUShiD48JD
=FKA2
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close