CVE-2009-0062 — Cisco Catalyst 3750 Series Integrated Wireless LAN Controller vulnerability

CWE-264 CWE-3995 documents5 sources

Severity

9.0CRITICALNVD

EPSS

0.5%

top 34.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Catalyst 3750 Series Integrated Wireless LAN Controller Cisco Catalyst 6500 Wireless Services Modules Cisco Wireless LAN Controller Software

Timeline

PublishedFeb 5

Latest updateMay 2

Description

Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages3 packages

▶NVDcisco/catalyst_3750_series_integrated_wireless_lan_controller4.2, 4.2.173.0+1

▶NVDcisco/catalyst_6500_wireless_services_modules4.2, 4.2.173.0+1

▶NVDcisco/wireless_lan_controller_software4.2, 4.2.173.0+1

🔴Vulnerability Details

GHSA

GHSA-8hv4-wf5q-j3p8: Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Int↗2022-05-02

▶

CVEList

CVE-2009-0062: Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Int↗2009-02-05

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco Wireless LAN Controllers↗2009-02-04

▶

💬Community

Bugzilla

CVE-2010-0290 BIND upstream fix for CVE-2009-4022 is incomplete↗2010-01-20

▶