You are here
Home > Preporuke > Ranjivost Cisco Wireless LAN Controller softvera

Ranjivost Cisco Wireless LAN Controller softvera

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Wireless LAN Controller Management GUI Denial of Service Vulnerability

Advisory ID: cisco-sa-20170405-wlc3

Revision: 1.0

For Public Release: 2017 April 5 16:00 GMT

Last Updated: 2017 April 5 16:00 GMT

CVE ID(s): CVE-2017-3832

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary
=======
A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to a missing internal handler for the specific request. An attacker could exploit this vulnerability by accessing a specific hidden URL on the web management interface. A successful exploit could allow the attacker to cause a reload of the device, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-wlc3 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-wlc3”]

—–BEGIN PGP SIGNATURE—–

iQKBBAEBAgBrBQJY5RUBZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHmzBw//XFeVmnZYBr43cDNl
On+2wDW8lPUqj4F8fzcxPJL1OjrcfQNstxbFaKRbQM34QpHzQ0mEArW2V9ATBVnW
pBCN8NbhKe/5GTc388kmd3FyXkwfhxej7YVjBx12WToLERlWd0wivdK6gQu0WDQN
M9wJFnZP5iUEfsmCqr5f8lxYxqI0YKfgzYUTEynqdUR5o+qyQGZzYrW6b93vDcoB
hlt51sDiqDysRirBP4qHHJp0qPEq6qHIdE3Gv4EELEs2zfon03rCUHOGQ50MAy53
iBMRu9xUqUlDWm8ihfkrs8ADzHetLuBl/cXv9mMuSke2Joii1eiSqTxYmj5E0XRl
2PKy3P8fPUc1VaOun1/jGuxIarVSZXEdjDReRRKDGNSLSyev0mwDplyKFYq/cKCS
bYFPkYMzcdvD00P286krWPnDwd9OfYyOxdScahi27cg9crNmKsqVfHf8ZgO/R3kl
eZoONLDalLO/FLLqQYjPuMsV8IT3RvCgUvQNZk019/V28p3rfx5DaZc50b2YJP9N
7jyg1dcdEg8B6CfHdd5a9SRWZbpOnJKqO2t5KV9ThPqFmBNZwqxgyO5TFUmqJo+V
wMtFOQkJ/Tb7W8uaAEngUxCOkbuqi1FI7CBbtkc7OmpZbYo8/v6ysw8dwDGslSFy
FpuNd3aUdREzb4t0b7P92HOHDdw=
=6aS4
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorVlatka Misic
Cert idNCERT-REF-2017-04-0025-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa jasper

Otkriveni su sigurnosni nedostaci u programskom paketu jasper za operacijski sustav SUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close