Vulnerabilities > Cisco > Wireless LAN Controller Software > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-02 | CVE-2018-0235 | Unspecified vulnerability in Cisco Wireless LAN Controller Software 8.6(1.106)/8.6(1.114) A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. low complexity cisco | 6.1 |
| 2017-11-02 | CVE-2017-12282 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. | 5.7 |
| 2017-11-02 | CVE-2017-12278 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service (DoS) condition. | 5.2 |
| 2017-11-02 | CVE-2017-12275 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the implementation of 802.11v Basic Service Set (BSS) Transition Management functionality in Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 6.1 |
| 2016-09-12 | CVE-2016-6375 | Resource Management Errors vulnerability in Cisco products Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by sending crafted Inter-Access Point Protocol (IAPP) packets and then sending a traffic stream metrics (TSM) information request over SNMP, aka Bug ID CSCuz40221. | 5.7 |
| 2016-07-28 | CVE-2016-1460 | Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software 7.4.121.0/8.0.0.30220.385 Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and 8.0(0.30220.385) allow remote attackers to cause a denial of service via crafted wireless management frames, aka Bug ID CSCun92979. | 6.1 |
| 2015-10-25 | CVE-2015-6341 | Permissions, Privileges, and Access Controls vulnerability in Cisco Wireless LAN Controller Software 7.4.140.0/8.0.120.0 The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices with software 7.4(140.0) and 8.0(120.0) allows remote attackers to cause a denial of service (client disconnection) via unspecified vectors, aka Bug ID CSCuw10610. | 5.0 |
| 2015-09-26 | CVE-2015-6302 | Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software 7.0.250.0/7.0.252.0 The RADIUS functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.0(250.0) and 7.0(252.0) allows remote attackers to disconnect arbitrary sessions via crafted Disconnect-Request UDP packets, aka Bug ID CSCuw29419. | 5.0 |
| 2015-08-22 | CVE-2015-6258 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software 8.1.104.37 The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted IPv6 packets, aka Bug ID CSCuv40033. | 5.0 |
| 2015-06-24 | CVE-2015-4215 | Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software 7.5.102.0 Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote attackers to cause a denial of service (device crash) by triggering an exception during attempted forwarding of unspecified IPv6 packets to a non-IPv6 device, aka Bug ID CSCuj01046. | 6.1 |