Cisco Wireless LAN Controller Client Disconnection DoS

medium Nessus Plugin ID 88102

Synopsis

The remote device is missing a vendor-supplied security update.

Description

The remote Cisco Wireless LAN Controller (WLC) is affected by a denial of service vulnerability due to the lack of access control to the management GUI. An unauthenticated, remote attacker can exploit this to trigger client disconnections.

Solution

Apply the relevant patch referenced in Cisco bug ID CSCuw10610, or contact the vendor regarding patch options.

See Also

http://www.nessus.org/u?e610239d

Plugin Details

Severity: Medium

ID: 88102

File Name: cisco-sa-20151016-wlc.nasl

Version: 1.6

Type: combined

Family: CISCO

Published: 1/22/2016

Updated: 8/20/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/o:cisco:wireless_lan_controller_software, cpe:/h:cisco:wireless_lan_controller

Required KB Items: Host/Cisco/WLC/Version, Host/Cisco/WLC/Port

Exploit Ease: No known exploits are available

Patch Publication Date: 10/16/2015

Vulnerability Publication Date: 10/16/2015

Reference Information

CVE: CVE-2015-6341

BID: 77119

CISCO-SA: cisco-sa-20151016-wlc

CISCO-BUG-ID: CSCuw10610