Vulnerabilities > Cisco > Wireless LAN Controller Software > 4.2.173.0

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-20268 Resource Exhaustion vulnerability in Cisco products
A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic.
low complexity
cisco CWE-400
4.7
2022-09-30 CVE-2022-20769 Out-of-bounds Write vulnerability in Cisco Wireless LAN Controller Software
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.
low complexity
cisco CWE-787
6.5
2019-04-18 CVE-2019-1797 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Wireless LAN Controller Software
A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on the device with the privileges of the user, including modifying the device configuration.
network
cisco CWE-352
6.8
2018-10-17 CVE-2018-0442 Unspecified vulnerability in Cisco Wireless LAN Controller Software
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information.
network
low complexity
cisco
5.0
2018-10-17 CVE-2018-0417 Unspecified vulnerability in Cisco Wireless LAN Controller Software
A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI.
local
low complexity
cisco
7.8
2016-09-12 CVE-2016-6375 Resource Management Errors vulnerability in Cisco products
Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by sending crafted Inter-Access Point Protocol (IAPP) packets and then sending a traffic stream metrics (TSM) information request over SNMP, aka Bug ID CSCuz40221.
5.7
2015-04-07 CVE-2015-0690 Cross-site Scripting vulnerability in Cisco Wireless LAN Controller Software
Cross-site scripting (XSS) vulnerability in the HTML help system on Cisco Wireless LAN Controller (WLC) devices before 8.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCun95178.
network
cisco CWE-79
4.3
2014-03-06 CVE-2014-0704 Resource Management Errors vulnerability in Cisco products
The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a denial of service (memory over-read and device restart) via a crafted field in an IGMPv3 message, aka Bug ID CSCuh33240.
network
cisco CWE-399
7.1
2013-02-28 CVE-2013-1141 Buffer Errors vulnerability in Cisco products
The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service (device reload) via crafted mDNS packets, aka Bug ID CSCue04153.
low complexity
cisco CWE-119
6.1
2012-03-01 CVE-2012-0371 Permissions, Privileges, and Access Controls vulnerability in Cisco products
Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709.
network
cisco CWE-264
critical
9.3