Product:

Wireless_lan_controller_software

(Cisco)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 85
Date Id Summary Products Score Patch Annotated
2012-12-19 CVE-2012-6007 Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992. 2000_wireless_lan_controller, 2100_wireless_lan_controller, 2500_wireless_lan_controller, 4100_wireless_lan_controller, 4400_wireless_lan_controller, 5500_wireless_lan_controller, 7500_wireless_lan_controller, 8500_wireless_lan_controller, Wireless_lan_controller_software N/A
2012-12-19 CVE-2012-5992 Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrative accounts via screens/aaa/mgmtuser_create.html or (2) insert XSS sequences via the headline parameter to screens/base/web_auth_custom.html, aka Bug ID CSCud50283. 2000_wireless_lan_controller, 2100_wireless_lan_controller, 2500_wireless_lan_controller, 4100_wireless_lan_controller, 4400_wireless_lan_controller, 5500_wireless_lan_controller, 7500_wireless_lan_controller, 8500_wireless_lan_controller, Wireless_lan_controller_software N/A
2012-12-19 CVE-2012-5991 screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain buttonClicked value in an internal webauth_type request, aka Bug ID CSCud50209. 2000_wireless_lan_controller, 2100_wireless_lan_controller, 2500_wireless_lan_controller, 4100_wireless_lan_controller, 4400_wireless_lan_controller, 5500_wireless_lan_controller, 7500_wireless_lan_controller, 8500_wireless_lan_controller, Wireless_lan_controller_software N/A
2012-03-01 CVE-2012-0371 Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709. 2000_wireless_lan_controller, 2100_wireless_lan_controller, 2106_wireless_lan_controller, 2112_wireless_lan_controller, 2125_wireless_lan_controller, 2500_wireless_lan_controller, 2504_wireless_lan_controller, 4100_wireless_lan_controller, 4400_wireless_lan_controller, 4402_wireless_lan_controller, 4404_wireless_lan_controller, 5508_wireless_controller, Wireless_lan_controller_software N/A
2012-03-01 CVE-2012-0370 Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435. 2000_wireless_lan_controller, 2100_wireless_lan_controller, 2106_wireless_lan_controller, 2112_wireless_lan_controller, 2125_wireless_lan_controller, 2500_wireless_lan_controller, 2504_wireless_lan_controller, 4100_wireless_lan_controller, 4400_wireless_lan_controller, 4402_wireless_lan_controller, 4404_wireless_lan_controller, 5508_wireless_controller, Wireless_lan_controller_software N/A
2012-03-01 CVE-2012-0369 Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949. 2000_wireless_lan_controller, 2100_wireless_lan_controller, 2106_wireless_lan_controller, 2112_wireless_lan_controller, 2125_wireless_lan_controller, 2500_wireless_lan_controller, 2504_wireless_lan_controller, 4100_wireless_lan_controller, 4400_wireless_lan_controller, 4402_wireless_lan_controller, 4404_wireless_lan_controller, 5508_wireless_controller, Wireless_lan_controller_software N/A
2012-03-01 CVE-2012-0368 The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997. 2000_wireless_lan_controller, 2100_wireless_lan_controller, 2106_wireless_lan_controller, 2112_wireless_lan_controller, 2125_wireless_lan_controller, 2500_wireless_lan_controller, 2504_wireless_lan_controller, 4100_wireless_lan_controller, 4400_wireless_lan_controller, 4402_wireless_lan_controller, 4404_wireless_lan_controller, 5508_wireless_controller, Wireless_lan_controller_software N/A
2011-05-03 CVE-2011-1613 Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 6.0 before 6.0.200.0, 7.0 before 7.0.98.216, and 7.0.1xx before 7.0.112.0 allows remote attackers to cause a denial of service (device reload) via a sequence of ICMP packets, aka Bug ID CSCth74426. Wireless_lan_controller_software N/A
2010-09-10 CVE-2010-3034 Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575. Wireless_lan_controller_software N/A
2010-09-10 CVE-2010-3033 Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843. Wireless_lan_controller_software N/A