CVE-2015-6258Improper Input Validation in Cisco Wireless LAN Controller Software

CWE-20Improper Input Validation4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 56.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Wireless LAN Controller Software
Timeline
PublishedAug 22
Latest updateMay 17

Description

The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted IPv6 packets, aka Bug ID CSCuv40033.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-82fc-gv4r-v2jq: The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 82022-05-17
CVEList
CVE-2015-6258: The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 82015-08-22

📋Vendor Advisories

1
Cisco
Cisco Wireless LAN Controller IPv6 IAPP WIPS Report Vulnerability2015-08-21
CVE-2015-6258 — Improper Input Validation in Cisco | cvebase