Vulnerabilities > Cisco > Wireless LAN Controller Software > 8.3

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-18	CVE-2019-1797	Cross-Site Request Forgery (CSRF) vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on the device with the privileges of the user, including modifying the device configuration. network low complexity cisco CWE-352	8.8
2019-04-17	CVE-2018-0248	Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an aUTHENTICated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. network low complexity cisco CWE-20	4.9
2018-10-17	CVE-2018-0442	Unspecified vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. network low complexity cisco	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.