Details of VAR-201604-0560

ID

VAR-201604-0560

CVE

CVE-2016-1363

TITLE

Cisco Wireless LAN Controller Software redirection buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-002340

DESCRIPTION

Buffer overflow in the redirection functionality in Cisco Wireless LAN Controller (WLC) Software 7.2 through 7.4 before 7.4.140.0(MD) and 7.5 through 8.0 before 8.0.115.0(ED) allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCus25617. The Cisco WLC is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. An attacker can exploit this issue to execute arbitrary code on the affected device. Failed exploit attempts will result in denial-of-service conditions. This issue is being tracked by Cisco bug ID CSCus25617. The following releases are affected: Cisco WLC Release 7.2, Release 7.3, Release 7.4 prior to 7.4.140.0(MD), Release 7.5, Release 7.6, Release 8.0 prior to 8.0.115.0(ED)

Trust: 2.52

sources: NVD: CVE-2016-1363 // JVNDB: JVNDB-2016-002340 // CNVD: CNVD-2016-02518 // BID: 86761 // VULHUB: VHN-90182

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-02518

AFFECTED PRODUCTS

vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.0.115.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	gte	version:	7.2.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	gte	version:	7.5.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	7.4.140.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.0.115.0(ed)	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	7.4	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	all 7.5 release	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.0	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	all 7.2 release	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	all 7.3 release	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	all 7.6 release	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.140.0(md)	Trust: 0.8
vendor:	cisco	model:	wireless lan controller 8.0<8.0.110.0	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.6	Trust: 0.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.5	Trust: 0.6
vendor:	cisco	model:	wireless lan controller 7.4<7.4.130.0	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.3	Trust: 0.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.2	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.5.102.0	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.100	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.0.72.140	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.1.19	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.1.54	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.1.0	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.100.60	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.6.1.62	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.5.102.11	Trust: 0.6
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	7.4.1.1	Trust: 0.6

sources: CNVD: CNVD-2016-02518 // JVNDB: JVNDB-2016-002340 // CNNVD: CNNVD-201604-512 // NVD: CVE-2016-1363

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1363
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-1363
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2016-02518
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201604-512
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-90182
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-1363
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-02518
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-90182
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1363
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2016-1363
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2016-02518 // VULHUB: VHN-90182 // JVNDB: JVNDB-2016-002340 // CNNVD: CNNVD-201604-512 // NVD: CVE-2016-1363

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-90182 // JVNDB: JVNDB-2016-002340 // NVD: CVE-2016-1363

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201604-512

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201604-512

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002340

PATCH

title:	cisco-sa-20160420-htrd	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd	Trust: 0.8
title:	Patch for Cisco WirelessLANController Denial of Service Vulnerability (CNVD-2016-02518)	url:	https://www.cnvd.org.cn/patchInfo/show/74743	Trust: 0.6
title:	Cisco Wireless LAN Controller redirection Fixes for feature buffer overflow vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61201	Trust: 0.6

sources: CNVD: CNVD-2016-02518 // JVNDB: JVNDB-2016-002340 // CNNVD: CNNVD-201604-512

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1363	Trust: 3.4
db:	SECTRACK	id:	1035633	Trust: 1.7
db:	JVNDB	id:	JVNDB-2016-002340	Trust: 0.8
db:	CNNVD	id:	CNNVD-201604-512	Trust: 0.7
db:	CNVD	id:	CNVD-2016-02518	Trust: 0.6
db:	BID	id:	86761	Trust: 0.4
db:	VULHUB	id:	VHN-90182	Trust: 0.1

sources: CNVD: CNVD-2016-02518 // VULHUB: VHN-90182 // BID: 86761 // JVNDB: JVNDB-2016-002340 // CNNVD: CNNVD-201604-512 // NVD: CVE-2016-1363

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160420-htrd	Trust: 2.3
url:	http://www.securitytracker.com/id/1035633	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1363	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1363	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2016-02518 // VULHUB: VHN-90182 // BID: 86761 // JVNDB: JVNDB-2016-002340 // CNNVD: CNNVD-201604-512 // NVD: CVE-2016-1363

CREDITS

Cisco

Trust: 0.3

sources: BID: 86761

SOURCES

db:	CNVD	id:	CNVD-2016-02518
db:	VULHUB	id:	VHN-90182
db:	BID	id:	86761
db:	JVNDB	id:	JVNDB-2016-002340
db:	CNNVD	id:	CNNVD-201604-512
db:	NVD	id:	CVE-2016-1363

LAST UPDATE DATE

2024-11-23T22:18:16.060000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-02518	date:	2016-04-26T00:00:00
db:	VULHUB	id:	VHN-90182	date:	2016-12-03T00:00:00
db:	BID	id:	86761	date:	2016-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2016-002340	date:	2016-04-28T00:00:00
db:	CNNVD	id:	CNNVD-201604-512	date:	2021-04-19T00:00:00
db:	NVD	id:	CVE-2016-1363	date:	2024-11-21T02:46:15.613

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-02518	date:	2016-04-26T00:00:00
db:	VULHUB	id:	VHN-90182	date:	2016-04-21T00:00:00
db:	BID	id:	86761	date:	2016-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2016-002340	date:	2016-04-28T00:00:00
db:	CNNVD	id:	CNNVD-201604-512	date:	2016-04-22T00:00:00
db:	NVD	id:	CVE-2016-1363	date:	2016-04-21T11:00:01.587