fkie_nvd - fkie_cve-2014-0705

fkie_cve-2014-0705

Vulnerability from fkie_nvd

Published

2014-03-06 11:55

Modified

2025-04-12 10:46

Severity ?

Summary

The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233.

References

▶	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	wireless_lan_controller_software	7.2
cisco	wireless_lan_controller_software	7.2.103.0
cisco	wireless_lan_controller_software	7.2.110.0
cisco	wireless_lan_controller_software	7.3
cisco	wireless_lan_controller_software	7.3.101.0
cisco	wireless_lan_controller_software	7.4.100.0
cisco	wireless_lan_controller_software	7.4.100.60
cisco	wireless_lan_controller_software	7.5
cisco	wireless_lan_controller	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "41B7499D-75A9-46A9-9129-BCD18533B21F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.103.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25EECAA5-5D9F-4696-8DFB-6F1C3D5E7984",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.110.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D4F9E21-A0AB-4E18-B3E6-13DE2206974C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9CCF4BD-4C5D-41BB-932C-52B428270B44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.3.101.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7233C6A0-9674-4C6D-ACC0-CC654CF117C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.100.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D160CAC1-B873-4A78-A50B-5B3FAB6EEDE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.100.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D90CC27-03B4-4E8A-B7C7-31CF468CE9B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "58713067-9185-4B92-97A1-4D98AFF4A8BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:wireless_lan_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E08C420-97C2-4323-9388-D6C32E83BBF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233."
    },
    {
      "lang": "es",
      "value": "El servicio Multicast Listener Discovery (MLD) en los dispositivos de Cisco Wireless LAN Controller (WLC) 7.2, 7.3, 7.4 anterior a 7.4.121.0 y 7.5, cuando MLDv2 Snooping est\u00e1 habilitado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de un paquete IPv6 MLDv2 malformado, tambi\u00e9n conocido como Bug ID CSCuh74233."
    }
  ],
  "id": "CVE-2014-0705",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-03-06T11:55:05.380",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2014-0705 (GCVE-0-2014-0705)

Vulnerability from cvelistv5

Published

2014-03-06 11:00

Modified

2024-08-06 09:27

Severity ?

CWE

Summary

References

►

URL

Tags

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc

vendor-advisory, x_refsource_CISCO