Cisco Wireless Lan Controller vulnerabilities
25 known vulnerabilities affecting cisco/cisco_wireless_lan_controller.
Total CVEs
25
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH10MEDIUM14
Vulnerabilities
Page 2 of 2
CVE-2018-0443HIGHCVSS 7.5vn/a2018-10-17
CVE-2018-0443 [HIGH] CWE-399 CVE-2018-0443: A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol componen
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper input validation on fields within CAPWAP Discovery Request packets by the
nvd
CVE-2018-15395MEDIUMCVSS 5.4vn/a2018-10-17
CVE-2018-15395 [MEDIUM] CWE-284 CVE-2018-15395: A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Co
A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. Under normal circumstances, this access should be prohibited. The vulnerability is due to the dynamic assignment of Security Gro
nvd
CVE-2018-0388MEDIUMCVSS 4.8vn/a2018-10-17
CVE-2018-0388 [MEDIUM] CWE-79 CVE-2018-0388: A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could all
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface.
nvd
CVE-2018-0416MEDIUMCVSS 5.3vn/a2018-10-17
CVE-2018-0416 [MEDIUM] CWE-20 CVE-2018-0416: A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could all
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms in the web-based interface URL request. An attacker co
nvd
CVE-2018-0420MEDIUMCVSS 6.5vn/a2018-10-17
CVE-2018-0420 [MEDIUM] CWE-22 CVE-2018-0420: A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an
A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames and pathnames. An attacker could exploit this vulnerability by using director
nvd
← Previous2 / 2