var-201403-0209
Vulnerability from variot
The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233. Vendors have confirmed this vulnerability Bug ID CSCuh74233 It is released as.Malformed by a third party IPv6 MLDv2 Service disruption via packets ( Reboot device ) There is a possibility of being put into a state. The Cisco Wireless LAN Controller is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. Attackers can exploit this issue to cause the affected device to restart, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuh74233
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0209",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.3.101.0"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.4.100.60"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.2.110.0"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.4.100.0"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.2.103.0"
},
{
"model": "wireless lan controller",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "wireless lan controller software",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.4.121.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:wireless_lan_controller",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wireless_lan_controller_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "65982"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0705",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0705",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-01524",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-68198",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0705",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0705",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-01524",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-136",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-68198",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233. Vendors have confirmed this vulnerability Bug ID CSCuh74233 It is released as.Malformed by a third party IPv6 MLDv2 Service disruption via packets ( Reboot device ) There is a possibility of being put into a state. The Cisco Wireless LAN Controller is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. \nAttackers can exploit this issue to cause the affected device to restart, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuh74233",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0705"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "BID",
"id": "65982"
},
{
"db": "VULHUB",
"id": "VHN-68198"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0705",
"trust": 3.4
},
{
"db": "BID",
"id": "65982",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-01524",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "57128",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20140305 MULTIPLE VULNERABILITIES IN CISCO WIRELESS LAN CONTROLLERS",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-61671",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-68198",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "BID",
"id": "65982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"id": "VAR-201403-0209",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
}
],
"trust": 1.2343109399999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
}
]
},
"last_update_date": "2024-11-23T22:02:13.718000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "30830",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=30830"
},
{
"title": "cisco-sa-20140305-wlc",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc"
},
{
"title": "33101",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33101"
},
{
"title": "cisco-sa-20140305-wlc",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1122/1122122_cisco-sa-20140305-wlc-j.html"
},
{
"title": "\\302\\240\\302\\240Patch for Cisco Wireless LAN Controller Remote Denial of Service Vulnerability (CNVD-2014-01524)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/44105"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140305-wlc"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0705"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0705"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57128"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "BID",
"id": "65982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "BID",
"id": "65982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"date": "2014-03-06T00:00:00",
"db": "VULHUB",
"id": "VHN-68198"
},
{
"date": "2014-03-05T00:00:00",
"db": "BID",
"id": "65982"
},
{
"date": "2014-03-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"date": "2014-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"date": "2014-03-06T11:55:05.380000",
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"date": "2014-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-68198"
},
{
"date": "2014-03-05T00:00:00",
"db": "BID",
"id": "65982"
},
{
"date": "2014-03-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"date": "2014-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"date": "2024-11-21T02:02:40.327000",
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Wireless LAN Controller Service disruption in device multicast listener discovery service (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…