CVE-2015-0726

CWE-20 — Improper Input Validation4 documents4 sources

Severity

6.8MEDIUM

EPSS

0.6%

top 29.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Wireless LAN Controller Software

Timeline

PublishedMay 16

Latest updateMay 13

Description

The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 8.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/wireless_lan_controller_software12 versions+11

🔴Vulnerability Details

GHSA

GHSA-46xf-gvq9-5fvh: The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7↗2022-05-13

▶

CVEList

CVE-2015-0726: The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7↗2015-05-16

▶

📋Vendor Advisories

Cisco

Cisco Wireless LAN Controller Web Administration Interface Authenticated Remote Denial of Service Vulnerability↗2015-05-13

▶