CVE-2014-0701

CWE-399 CWE-20 — Improper Input Validation CWE-362 — Race Condition4 documents4 sources

Severity

7.8HIGH

EPSS

0.4%

top 39.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Wireless LAN Controller Software

Timeline

PublishedMar 6

Latest updateMay 17

Description

Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service (reboot) by sending WebAuth login requests at a high rate, aka Bug ID CSCuf52361.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/wireless_lan_controller_software10 versions+9

🔴Vulnerability Details

GHSA

GHSA-5452-774m-835h: Cisco Wireless LAN Controller (WLC) devices 7↗2022-05-17

▶

CVEList

CVE-2014-0701: Cisco Wireless LAN Controller (WLC) devices 7↗2014-03-06

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco Wireless LAN Controllers↗2014-03-06

▶