Vulnerabilities > Cisco > Wireless LAN Controller Software > 8.3.133.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-20268 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. | 4.7 |
| 2022-09-30 | CVE-2022-20769 | Out-of-bounds Write vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2019-04-18 | CVE-2019-1800 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
| 2019-04-18 | CVE-2019-1797 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on the device with the privileges of the user, including modifying the device configuration. | 6.8 |
| 2018-10-17 | CVE-2018-0388 | Cross-site Scripting vulnerability in Cisco Wireless LAN Controller Software 8.3(133.0)/8.3(135.0)/8.5(120.0) A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web-based interface of an affected system. | 4.8 |
| 2018-05-02 | CVE-2018-0245 | Improper Privilege Management vulnerability in Cisco Wireless LAN Controller Software 8.3(133.0)/8.5(105.0) A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. | 5.0 |