CVE-2013-1141 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Wireless LAN Controller Software

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.2%

top 63.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Wireless LAN Controller Software

Timeline

PublishedFeb 28

Latest updateMay 17

Description

The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service (device reload) via crafted mDNS packets, aka Bug ID CSCue04153.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 6.5 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/wireless_lan_controller_software7.4.1.54+56

🔴Vulnerability Details

GHSA

GHSA-3f96-f7jm-vmvm: The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7↗2022-05-17

▶

CVEList

CVE-2013-1141: The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7↗2013-02-28

▶