Sign-up

ID

VAR-201510-0007


CVE

CVE-2015-6311


TITLE

Cisco Wireless LAN Controller Service disruption in device software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-005177

DESCRIPTION

Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allow remote attackers to cause a denial of service (device outage) by sending malformed 802.11i management data to a managed access point, aka Bug ID CSCub65236. Vendors have confirmed this vulnerability Bug ID CSCub65236 It is released as.A third party may use a malformed form for managed access points. 802.11i Service operation is disrupted by sending management data ( Stop device ) There is a possibility of being put into a state. Attackers can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCub65236. This product provides functions such as security policy and intrusion detection in wireless LAN. The following releases are affected: Cisco WLCs using Release 7.4(1.19), Release 7.3(101.0), and Release 7.0(240.0) software

Trust: 2.52

sources: NVD: CVE-2015-6311 // JVNDB: JVNDB-2015-005177 // CNVD: CNVD-2015-06556 // BID: 76945 // VULHUB: VHN-84272

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-06556

AFFECTED PRODUCTS

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.3\(101.0\)

Trust: 1.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.0\(240.0\)

Trust: 1.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.4\(1.19\)

Trust: 1.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.3.101.0

Trust: 0.9

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.0(240.0)

Trust: 0.8

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.3(101.0)

Trust: 0.8

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.4(1.19)

Trust: 0.8

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.0240.0

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.41.19

Trust: 0.6

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.0.2400

Trust: 0.3

vendor:ciscomodel:wireless lan controllerscope:eqversion:7.4.1.19

Trust: 0.3

sources: CNVD: CNVD-2015-06556 // BID: 76945 // JVNDB: JVNDB-2015-005177 // CNNVD: CNNVD-201510-081 // NVD: CVE-2015-6311

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-6311
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-6311
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-06556
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201510-081
value: MEDIUM

Trust: 0.6

VULHUB: VHN-84272
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-6311
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-06556
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-84272
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2015-06556 // VULHUB: VHN-84272 // JVNDB: JVNDB-2015-005177 // CNNVD: CNNVD-201510-081 // NVD: CVE-2015-6311

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-84272 // JVNDB: JVNDB-2015-005177 // NVD: CVE-2015-6311

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201510-081

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201510-081

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-005177

PATCH
title:Cisco-SA-20151002-CVE-2015-6311url:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20151002-CVE-2015-6311
Trust: 0.8
title:41249url:http://tools.cisco.com/security/center/viewAlert.x?alertId=41249
Trust: 0.8
title:Cisco Wireless LAN Controller 802.11i Manages Patches for Frame Handling Denial of Service Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/65138
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-06556 // 
            
            
            
            JVNDB: JVNDB-2015-005177

EXTERNAL IDS
db:NVDid:CVE-2015-6311
Trust: 3.4
db:SECTRACKid:1033731
Trust: 1.1
db:JVNDBid:JVNDB-2015-005177
Trust: 0.8
db:CNNVDid:CNNVD-201510-081
Trust: 0.7
db:CNVDid:CNVD-2015-06556
Trust: 0.6
db:BIDid:76945
Trust: 0.4
db:VULHUBid:VHN-84272
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-06556 // 
            
            
            
            VULHUB: VHN-84272 // 
            
            
            
            BID: 76945 // 
            
            
            
            JVNDB: JVNDB-2015-005177 // 
            
            
            
            CNNVD: CNNVD-201510-081 // 
            
            
            
            NVD: CVE-2015-6311

REFERENCES
url:http://tools.cisco.com/security/center/viewalert.x?alertid=41249
Trust: 2.6
url:http://www.securitytracker.com/id/1033731
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6311
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6311
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2015-06556 // 
            
            
            
            VULHUB: VHN-84272 // 
            
            
            
            BID: 76945 // 
            
            
            
            JVNDB: JVNDB-2015-005177 // 
            
            
            
            CNNVD: CNNVD-201510-081 // 
            
            
            
            NVD: CVE-2015-6311

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 76945

SOURCES
db:CNVDid:CNVD-2015-06556
db:VULHUBid:VHN-84272
db:BIDid:76945
db:JVNDBid:JVNDB-2015-005177
db:CNNVDid:CNNVD-201510-081
db:NVDid:CVE-2015-6311

LAST UPDATE DATE
2024-11-23T22:49:21.570000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-06556date:2015-10-16T00:00:00
db:VULHUBid:VHN-84272date:2017-01-04T00:00:00
db:BIDid:76945date:2015-10-02T00:00:00
db:JVNDBid:JVNDB-2015-005177date:2015-10-13T00:00:00
db:CNNVDid:CNNVD-201510-081date:2015-10-09T00:00:00
db:NVDid:CVE-2015-6311date:2024-11-21T02:34:45.270

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-06556date:2015-10-16T00:00:00
db:VULHUBid:VHN-84272date:2015-10-08T00:00:00
db:BIDid:76945date:2015-10-02T00:00:00
db:JVNDBid:JVNDB-2015-005177date:2015-10-13T00:00:00
db:CNNVDid:CNNVD-201510-081date:2015-10-09T00:00:00
db:NVDid:CVE-2015-6311date:2015-10-08T20:59:03.380