ID
VAR-201505-0172
CVE
CVE-2015-0726
TITLE
Cisco Wireless LAN Controller Device Web Service disruption in the management interface (DoS) Vulnerabilities
Trust: 0.8
sources:
JVNDB: JVNDB-2015-002712
DESCRIPTION
The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252. An attacker could exploit this vulnerability to cause the affected device to crash, resulting in a denial of service. This issue is being tracked by Cisco Bug ID's CSCum65159 and CSCum65252. The following versions are affected: Cisco WLC prior to 7.0.241, prior to 7.4.122, prior to 7.6.120
Trust: 2.52
sources:
NVD: CVE-2015-0726 //
JVNDB: JVNDB-2015-002712 //
CNVD: CNVD-2015-03231 //
BID: 74641 //
VULHUB: VHN-78672
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2015-03231
AFFECTED PRODUCTS
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.0.220.0 | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.0.98.0 | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.4.100 | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.0.98.218 | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.6.100.0 | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.4_base | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.4.1.54 | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.0_base | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.0.116.0 | Trust: 1.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.4.121.0 | Trust: 1.0 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.4.110.0 | Trust: 1.0 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.4.100.60 | Trust: 1.0 |
| vendor: | cisco | model: | wireless lan controller software | scope: | lt | version: | 7.4.x | Trust: 0.8 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.6.120 | Trust: 0.8 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.1.x from 7.4.122 | Trust: 0.8 |
| vendor: | cisco | model: | wireless lan controller software | scope: | lt | version: | 7.6.x | Trust: 0.8 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.5.x | Trust: 0.8 |
| vendor: | cisco | model: | wireless lan controller | scope: | lt | version: | 7.0.241 | Trust: 0.6 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 7.1.x-7.4.x(<7.4.122) | Trust: 0.6 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 7.5.x | Trust: 0.6 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 7.6.x(<7.6.120) | Trust: 0.6 |
| vendor: | cisco | model: | wireless lan controller software | scope: | eq | version: | 7.6.110.0 | Trust: 0.6 |
sources:
CNVD: CNVD-2015-03231 //
JVNDB: JVNDB-2015-002712 //
CNNVD: CNNVD-201505-243 //
NVD: CVE-2015-0726
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2015-03231 //
VULHUB: VHN-78672 //
JVNDB: JVNDB-2015-002712 //
CNNVD: CNNVD-201505-243 //
NVD: CVE-2015-0726
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
sources:
VULHUB: VHN-78672 //
JVNDB: JVNDB-2015-002712 //
NVD: CVE-2015-0726
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201505-243
TYPE
Input Validation Error
Trust: 0.9
sources:
BID: 74641 //
CNNVD: CNNVD-201505-243
CONFIGURATIONS
sources:
JVNDB: JVNDB-2015-002712
PATCH
| title: | 38789 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=38789 | Trust: 0.8 |
| title: | Patch for Cisco Wireless LAN Controller Denial of Service Vulnerability (CNVD-2015-03231) | url: | https://www.cnvd.org.cn/patchInfo/show/58656 | Trust: 0.6 |
| title: | Cisco Wireless LAN Controller Web Administration Interface Remediation measures for denial of service vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147660 | Trust: 0.6 |
sources:
CNVD: CNVD-2015-03231 //
JVNDB: JVNDB-2015-002712 //
CNNVD: CNNVD-201505-243
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-0726 | Trust: 3.4 |
| db: | BID | id: | 74641 | Trust: 2.6 |
| db: | SECTRACK | id: | 1032327 | Trust: 1.7 |
| db: | JVNDB | id: | JVNDB-2015-002712 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201505-243 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2015-03231 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-78672 | Trust: 0.1 |
sources:
CNVD: CNVD-2015-03231 //
VULHUB: VHN-78672 //
BID: 74641 //
JVNDB: JVNDB-2015-002712 //
CNNVD: CNNVD-201505-243 //
NVD: CVE-2015-0726
REFERENCES
| url: | http://www.securityfocus.com/bid/74641 | Trust: 2.3 |
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=38789 | Trust: 2.0 |
| url: | http://www.securitytracker.com/id/1032327 | Trust: 1.7 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0726 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0726 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | http://www.cisco.com/en/us/products/ps6302/products_sub_category_home.html | Trust: 0.3 |
sources:
CNVD: CNVD-2015-03231 //
VULHUB: VHN-78672 //
BID: 74641 //
JVNDB: JVNDB-2015-002712 //
CNNVD: CNNVD-201505-243 //
NVD: CVE-2015-0726
CREDITS
Cisco
Trust: 0.3
sources:
BID: 74641
SOURCES
| db: | CNVD | id: | CNVD-2015-03231 |
| db: | VULHUB | id: | VHN-78672 |
| db: | BID | id: | 74641 |
| db: | JVNDB | id: | JVNDB-2015-002712 |
| db: | CNNVD | id: | CNNVD-201505-243 |
| db: | NVD | id: | CVE-2015-0726 |
LAST UPDATE DATE
2024-11-23T22:42:28.874000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2015-03231 | date: | 2015-05-21T00:00:00 |
| db: | VULHUB | id: | VHN-78672 | date: | 2017-01-06T00:00:00 |
| db: | BID | id: | 74641 | date: | 2015-05-13T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-002712 | date: | 2015-05-19T00:00:00 |
| db: | CNNVD | id: | CNNVD-201505-243 | date: | 2021-04-19T00:00:00 |
| db: | NVD | id: | CVE-2015-0726 | date: | 2024-11-21T02:23:36.530 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2015-03231 | date: | 2015-05-20T00:00:00 |
| db: | VULHUB | id: | VHN-78672 | date: | 2015-05-16T00:00:00 |
| db: | BID | id: | 74641 | date: | 2015-05-13T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-002712 | date: | 2015-05-19T00:00:00 |
| db: | CNNVD | id: | CNNVD-201505-243 | date: | 2015-05-15T00:00:00 |
| db: | NVD | id: | CVE-2015-0726 | date: | 2015-05-16T14:59:02.187 |