Details of VAR-201403-0210

ID

VAR-201403-0210

CVE

CVE-2014-0706

TITLE

Cisco Wireless LAN Controller Service disruption on devices (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-001584

DESCRIPTION

Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID CSCue87929. Attackers can exploit this issue to cause the affected device to restart, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCue87929. Cisco WLC devices have security vulnerabilities

Trust: 2.52

sources: NVD: CVE-2014-0706 // JVNDB: JVNDB-2014-001584 // CNVD: CNVD-2014-01540 // BID: 65985 // VULHUB: VHN-68199

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-01540

AFFECTED PRODUCTS

vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.3	Trust: 2.4
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.3.101.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.100.60	Trust: 1.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.2	Trust: 1.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.2.110.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.100.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.2.103.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	7.4	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.110.0	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.2.115.2	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	7.2	Trust: 0.8
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.2	Trust: 0.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.3	Trust: 0.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.4	Trust: 0.6

sources: CNVD: CNVD-2014-01540 // JVNDB: JVNDB-2014-001584 // CNNVD: CNNVD-201403-137 // NVD: CVE-2014-0706

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-0706
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-0706
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2014-01540
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201403-137
value:	HIGH
Trust: 0.6
VULHUB:	VHN-68199
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-0706
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-01540
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-68199
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-01540 // VULHUB: VHN-68199 // JVNDB: JVNDB-2014-001584 // CNNVD: CNNVD-201403-137 // NVD: CVE-2014-0706

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-68199 // JVNDB: JVNDB-2014-001584 // NVD: CVE-2014-0706

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-137

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201403-137

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001584

PATCH

title:	30830	url:	http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=30830	Trust: 0.8
title:	cisco-sa-20140305-wlc	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc	Trust: 0.8
title:	33102	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=33102	Trust: 0.8
title:	cisco-sa-20140305-wlc	url:	http://www.cisco.com/cisco/web/support/JP/112/1122/1122122_cisco-sa-20140305-wlc-j.html	Trust: 0.8
title:	Patch for Cisco Wireless LAN Controller Remote Denial of Service Vulnerability (CNVD-2014-01540)	url:	https://www.cnvd.org.cn/patchInfo/show/44126	Trust: 0.6

sources: CNVD: CNVD-2014-01540 // JVNDB: JVNDB-2014-001584

EXTERNAL IDS

db:	NVD	id:	CVE-2014-0706	Trust: 3.4
db:	BID	id:	65985	Trust: 1.0
db:	JVNDB	id:	JVNDB-2014-001584	Trust: 0.8
db:	CNNVD	id:	CNNVD-201403-137	Trust: 0.7
db:	CNVD	id:	CNVD-2014-01540	Trust: 0.6
db:	SECUNIA	id:	57128	Trust: 0.6
db:	CISCO	id:	20140305 MULTIPLE VULNERABILITIES IN CISCO WIRELESS LAN CONTROLLERS	Trust: 0.6
db:	SEEBUG	id:	SSVID-61688	Trust: 0.1
db:	VULHUB	id:	VHN-68199	Trust: 0.1

sources: CNVD: CNVD-2014-01540 // VULHUB: VHN-68199 // BID: 65985 // JVNDB: JVNDB-2014-001584 // CNNVD: CNNVD-201403-137 // NVD: CVE-2014-0706

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140305-wlc	Trust: 2.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0706	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0706	Trust: 0.8
url:	http://secunia.com/advisories/57128	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2014-01540 // VULHUB: VHN-68199 // BID: 65985 // JVNDB: JVNDB-2014-001584 // CNNVD: CNNVD-201403-137 // NVD: CVE-2014-0706

CREDITS

Cisco

Trust: 0.3

sources: BID: 65985

SOURCES

db:	CNVD	id:	CNVD-2014-01540
db:	VULHUB	id:	VHN-68199
db:	BID	id:	65985
db:	JVNDB	id:	JVNDB-2014-001584
db:	CNNVD	id:	CNNVD-201403-137
db:	NVD	id:	CVE-2014-0706

LAST UPDATE DATE

2024-11-23T22:02:13.753000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-01540	date:	2014-03-10T00:00:00
db:	VULHUB	id:	VHN-68199	date:	2014-03-07T00:00:00
db:	BID	id:	65985	date:	2014-03-05T00:00:00
db:	JVNDB	id:	JVNDB-2014-001584	date:	2014-03-07T00:00:00
db:	CNNVD	id:	CNNVD-201403-137	date:	2014-03-11T00:00:00
db:	NVD	id:	CVE-2014-0706	date:	2024-11-21T02:02:40.437

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-01540	date:	2014-03-10T00:00:00
db:	VULHUB	id:	VHN-68199	date:	2014-03-06T00:00:00
db:	BID	id:	65985	date:	2014-03-05T00:00:00
db:	JVNDB	id:	JVNDB-2014-001584	date:	2014-03-07T00:00:00
db:	CNNVD	id:	CNNVD-201403-137	date:	2014-03-11T00:00:00
db:	NVD	id:	CVE-2014-0706	date:	2014-03-06T11:55:05.413