CVE-2007-4012 — Cisco Wireless LAN Controller Software vulnerability

CWE-3994 documents4 sources

Severity

7.1HIGHNVD

EPSS

1.1%

top 22.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Wireless LAN Controller Software

Timeline

PublishedJul 26

Latest updateMay 1

Description

Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a known client context", aka CSCsj50374.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/wireless_lan_controller_software5 versions+4

🔴Vulnerability Details

GHSA

GHSA-q69v-9h9q-cr4v: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4↗2022-05-01

▶

CVEList

CVE-2007-4012: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4↗2007-07-26

▶

📋Vendor Advisories

Cisco

Wireless ARP Storm Vulnerabilities↗2007-07-24

▶