cvelistv5 - CVE-2015-0679

CVE-2015-0679 (GCVE-0-2015-0679)

Vulnerability from cvelistv5

Published

2015-03-28 01:00

Modified

2024-08-06 04:17

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

gsd-2015-0679

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2015-0679

Aliases

CVE-2015-0679

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-0679",
    "description": "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980.",
    "id": "GSD-2015-0679"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-0679"
      ],
      "details": "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980.",
      "id": "GSD-2015-0679",
      "modified": "2023-12-13T01:19:58.866642Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-0679",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1031990",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1031990"
          },
          {
            "name": "20150326 Cisco Wireless LAN Controller Task Name aaaQueueReader Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4\\(110.0\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.3\\(103.8\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0679"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150326 Cisco Wireless LAN Controller Task Name aaaQueueReader Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076"
            },
            {
              "name": "1031990",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1031990"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2021-04-15T18:54Z",
      "publishedDate": "2015-03-28T01:59Z"
    }
  }
}

cnvd-2015-02074

Vulnerability from cnvd

Title

Cisco Wireless LAN Controller WEB验证拒绝服务漏洞

Description

Cisco Wireless LAN Controller负责全系统的无线LAN功能，例如安全策略、入侵保护、RF管理，服务质量和移动性。 Cisco Wireless LAN Controller WEB验证功能存在安全漏洞，允许远程攻击者提交畸形密码进行拒绝服务攻击。

Severity

中

Patch Name

Cisco Wireless LAN Controller WEB验证拒绝服务漏洞的补丁

Patch Description

Cisco Wireless LAN Controller负责全系统的无线LAN功能，例如安全策略、入侵保护、RF管理，服务质量和移动性。Cisco Wireless LAN Controller WEB验证功能存在安全漏洞，允许远程攻击者提交畸形密码进行拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： http://tools.cisco.com/security/center/viewAlert.x?alertId=38076

Reference

http://tools.cisco.com/security/center/viewAlert.x?alertId=38076

Impacted products

Name
['Cisco Wireless LAN Controller (WLC) 7.3(103.8)', 'Cisco Wireless LAN Controller (WLC) 7.4(110.0)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-0679"
    }
  },
  "description": "Cisco Wireless LAN Controller\u8d1f\u8d23\u5168\u7cfb\u7edf\u7684\u65e0\u7ebfLAN\u529f\u80fd\uff0c\u4f8b\u5982\u5b89\u5168\u7b56\u7565\u3001\u5165\u4fb5\u4fdd\u62a4\u3001RF\u7ba1\u7406\uff0c\u670d\u52a1\u8d28\u91cf\u548c\u79fb\u52a8\u6027\u3002\r\n\r\nCisco Wireless LAN Controller WEB\u9a8c\u8bc1\u529f\u80fd\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u63d0\u4ea4\u7578\u5f62\u5bc6\u7801\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://tools.cisco.com/security/center/viewAlert.x?alertId=38076",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-02074",
  "openTime": "2015-03-31",
  "patchDescription": "Cisco Wireless LAN Controller\u8d1f\u8d23\u5168\u7cfb\u7edf\u7684\u65e0\u7ebfLAN\u529f\u80fd\uff0c\u4f8b\u5982\u5b89\u5168\u7b56\u7565\u3001\u5165\u4fb5\u4fdd\u62a4\u3001RF\u7ba1\u7406\uff0c\u670d\u52a1\u8d28\u91cf\u548c\u79fb\u52a8\u6027\u3002Cisco Wireless LAN Controller WEB\u9a8c\u8bc1\u529f\u80fd\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u63d0\u4ea4\u7578\u5f62\u5bc6\u7801\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Wireless LAN Controller WEB\u9a8c\u8bc1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Wireless LAN Controller (WLC) 7.3(103.8)",
      "Cisco Wireless LAN Controller (WLC) 7.4(110.0)"
    ]
  },
  "referenceLink": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076",
  "serverity": "\u4e2d",
  "submitTime": "2015-03-30",
  "title": "Cisco Wireless LAN Controller WEB\u9a8c\u8bc1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980. Attackers can exploit this issue to crash and reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCui57980. A security vulnerability exists in the web-authentication feature of Cisco WLC devices Release 7.3(103.8) and Release 7.4(110.0)

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201503-0175",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.4\\(110.0\\)"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.3\\(103.8\\)"
      },
      {
        "model": "wireless lan controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.3(103.8)"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.4(110.0)"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.3(103.8)"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.4(110.0)"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.3\\(103.8\\)"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.4\\(110.0\\)"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.4.110.0"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3.103.8"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "db": "BID",
        "id": "73368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0679"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:cisco:wireless_lan_controller",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:cisco:wireless_lan_controller_software",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "73368"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-0679",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2015-0679",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.7,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 5.5,
            "id": "CNVD-2015-02074",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-78625",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-0679",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-0679",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-02074",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201503-610",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-78625",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78625"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0679"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980. \nAttackers can exploit this issue to crash and reload the affected device, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCui57980. A security vulnerability exists in the web-authentication feature of Cisco WLC devices Release 7.3(103.8) and Release 7.4(110.0)",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-0679"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "db": "BID",
        "id": "73368"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78625"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-0679",
        "trust": 3.4
      },
      {
        "db": "SECTRACK",
        "id": "1031990",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "73368",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-78625",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78625"
      },
      {
        "db": "BID",
        "id": "73368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0679"
      }
    ]
  },
  "id": "VAR-201503-0175",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78625"
      }
    ],
    "trust": 1.2343109399999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:56:29.670000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "38076",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076"
      },
      {
        "title": "Cisco Wireless LAN Controller WEB Verification Denial of Service Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/56777"
      },
      {
        "title": "Cisco Wireless LAN Controller Repair measures for device input verification error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147561"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-78625"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0679"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38076"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1031990"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0679"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0679"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/ps6302/products_sub_category_home.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78625"
      },
      {
        "db": "BID",
        "id": "73368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0679"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78625"
      },
      {
        "db": "BID",
        "id": "73368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0679"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-03-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "date": "2015-03-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-78625"
      },
      {
        "date": "2015-03-26T00:00:00",
        "db": "BID",
        "id": "73368"
      },
      {
        "date": "2015-03-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "date": "2015-03-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      },
      {
        "date": "2015-03-28T01:59:53.083000",
        "db": "NVD",
        "id": "CVE-2015-0679"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-03-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-02074"
      },
      {
        "date": "2015-10-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-78625"
      },
      {
        "date": "2015-03-26T00:00:00",
        "db": "BID",
        "id": "73368"
      },
      {
        "date": "2015-03-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      },
      {
        "date": "2021-04-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      },
      {
        "date": "2024-11-21T02:23:31.480000",
        "db": "NVD",
        "id": "CVE-2015-0679"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "specific network environment",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Wireless LAN Controller Device  Web Service operation interruption in authentication function  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001988"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201503-610"
      }
    ],
    "trust": 0.6
  }
}

ghsa-pmpv-wf74-rw2h

Vulnerability from github

Published

2022-05-13 01:10

Modified

2022-05-13 01:10

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-0679"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-03-28T01:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980.",
  "id": "GHSA-pmpv-wf74-rw2h",
  "modified": "2022-05-13T01:10:49Z",
  "published": "2022-05-13T01:10:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0679"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1031990"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2015-0679

Vulnerability from fkie_nvd

Published

2015-03-28 01:59

Modified

2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/viewAlert.x?alertId=38076	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1031990
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/viewAlert.x?alertId=38076	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1031990

Impacted products

	Vendor	Product	Version
	cisco	wireless_lan_controller_software	7.3\(103.8\)
	cisco	wireless_lan_controller_software	7.4\(110.0\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.3\\(103.8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A1EF3A52-4BE8-408F-BCA4-67E8BBD3C2F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4\\(110.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC887B1-D9BF-44D8-BEF7-69C0C0C4E11D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980."
    },
    {
      "lang": "es",
      "value": "La funcionalidad web-authentication en los dispositivos Cisco Wireless LAN Controller (WLC) 7.3(103.8) y 7.4(110.0) permite a atacantes remotos causar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de una contrase\u00f1a malformada, tambi\u00e9n conocido como Bug ID CSCui57980."
    }
  ],
  "id": "CVE-2015-0679",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-03-28T01:59:53.083",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1031990"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031990"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2015-0679 (GCVE-0-2015-0679)

Vulnerability from cvelistv5

gsd-2015-0679

Vulnerability from gsd

cnvd-2015-02074

Vulnerability from cnvd

var-201503-0175

Vulnerability from variot

ghsa-pmpv-wf74-rw2h

Vulnerability from github

fkie_cve-2015-0679

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature