Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20130123-wlc)

high Nessus Plugin ID 70124

Language:

Synopsis

The remote device is missing a vendor-supplied security update.

Description

The remote Cisco Wireless LAN Controller (WLC) is affected by one or more of the following vulnerabilities :

- Wireless Intrusion Prevention System (wIPS) Denial of Service Vulnerability (CSCtx80743)

- Session Initiation Protocol Denial of Service Vulnerability (CSCts87659)

- Remote Code Execution Vulnerability (CSCuc15636)

- SNMP Unauthorized Access Vulnerability (CSCua60653)

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20130123-wlc.

Plugin Details

Severity: High

ID: 70124

File Name: cisco-sa-20130123-wlc.nasl

Version: 1.9

Type: combined

Family: CISCO

Published: 9/25/2013

Updated: 8/20/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:cisco:wireless_lan_controller_software, cpe:/h:cisco:wireless_lan_controller

Required KB Items: Host/Cisco/WLC/Version, Host/Cisco/WLC/Model, Host/Cisco/WLC/Port

Exploit Ease: No known exploits are available

Patch Publication Date: 1/23/2013

Vulnerability Publication Date: 1/23/2013

Reference Information

CVE: CVE-2013-1102, CVE-2013-1103, CVE-2013-1104, CVE-2013-1105

BID: 57524

CISCO-SA: cisco-sa-20130123-wlc

CISCO-BUG-ID: CSCts87659, CSCtx80743, CSCua60653, CSCuc15636

Detections

Analytics