Sign-up

ID

VAR-201403-0209


CVE

CVE-2014-0705


TITLE

Cisco Wireless LAN Controller Service disruption in device multicast listener discovery service (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-001583

DESCRIPTION

The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233. Vendors have confirmed this vulnerability Bug ID CSCuh74233 It is released as.Malformed by a third party IPv6 MLDv2 Service disruption via packets ( Reboot device ) There is a possibility of being put into a state. The Cisco Wireless LAN Controller is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. Attackers can exploit this issue to cause the affected device to restart, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuh74233

Trust: 2.52

sources: NVD: CVE-2014-0705 // JVNDB: JVNDB-2014-001583 // CNVD: CNVD-2014-01524 // BID: 65982 // VULHUB: VHN-68198

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-01524

AFFECTED PRODUCTS

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.3

Trust: 2.4

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.5

Trust: 2.4

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.2

Trust: 2.4

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.3.101.0

Trust: 1.6

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.4.100.60

Trust: 1.6

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.2.110.0

Trust: 1.6

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.4.100.0

Trust: 1.6

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.2.103.0

Trust: 1.6

vendor:ciscomodel:wireless lan controllerscope: - version: -

Trust: 1.4

vendor:ciscomodel:wireless lan controllerscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:wireless lan controller softwarescope:ltversion:7.4

Trust: 0.8

vendor:ciscomodel:wireless lan controller softwarescope:eqversion:7.4.121.0

Trust: 0.8

sources: CNVD: CNVD-2014-01524 // JVNDB: JVNDB-2014-001583 // CNNVD: CNNVD-201403-136 // NVD: CVE-2014-0705

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0705
value: HIGH

Trust: 1.0

NVD: CVE-2014-0705
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-01524
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201403-136
value: HIGH

Trust: 0.6

VULHUB: VHN-68198
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-0705
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-01524
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-68198
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-01524 // VULHUB: VHN-68198 // JVNDB: JVNDB-2014-001583 // CNNVD: CNNVD-201403-136 // NVD: CVE-2014-0705

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-68198 // JVNDB: JVNDB-2014-001583 // NVD: CVE-2014-0705

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-136

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201403-136

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001583

PATCH
title:30830url:http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=30830
Trust: 0.8
title:cisco-sa-20140305-wlcurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc
Trust: 0.8
title:33101url:http://tools.cisco.com/security/center/viewAlert.x?alertId=33101
Trust: 0.8
title:cisco-sa-20140305-wlcurl:http://www.cisco.com/cisco/web/support/JP/112/1122/1122122_cisco-sa-20140305-wlc-j.html
Trust: 0.8
title:\302\240\302\240Patch for Cisco Wireless LAN Controller Remote Denial of Service Vulnerability (CNVD-2014-01524)url:https://www.cnvd.org.cn/patchInfo/show/44105
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-01524 // 
            
            
            
            JVNDB: JVNDB-2014-001583

EXTERNAL IDS
db:NVDid:CVE-2014-0705
Trust: 3.4
db:BIDid:65982
Trust: 1.0
db:JVNDBid:JVNDB-2014-001583
Trust: 0.8
db:CNNVDid:CNNVD-201403-136
Trust: 0.7
db:CNVDid:CNVD-2014-01524
Trust: 0.6
db:SECUNIAid:57128
Trust: 0.6
db:CISCOid:20140305 MULTIPLE VULNERABILITIES IN CISCO WIRELESS LAN CONTROLLERS
Trust: 0.6
db:SEEBUGid:SSVID-61671
Trust: 0.1
db:VULHUBid:VHN-68198
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-01524 // 
            
            
            
            VULHUB: VHN-68198 // 
            
            
            
            BID: 65982 // 
            
            
            
            JVNDB: JVNDB-2014-001583 // 
            
            
            
            CNNVD: CNNVD-201403-136 // 
            
            
            
            NVD: CVE-2014-0705

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140305-wlc
Trust: 2.3
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0705
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0705
Trust: 0.8
url:http://secunia.com/advisories/57128
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2014-01524 // 
            
            
            
            VULHUB: VHN-68198 // 
            
            
            
            BID: 65982 // 
            
            
            
            JVNDB: JVNDB-2014-001583 // 
            
            
            
            CNNVD: CNNVD-201403-136 // 
            
            
            
            NVD: CVE-2014-0705

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 65982

SOURCES
db:CNVDid:CNVD-2014-01524
db:VULHUBid:VHN-68198
db:BIDid:65982
db:JVNDBid:JVNDB-2014-001583
db:CNNVDid:CNNVD-201403-136
db:NVDid:CVE-2014-0705

LAST UPDATE DATE
2025-04-13T23:10:18.676000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-01524date:2014-03-07T00:00:00
db:VULHUBid:VHN-68198date:2014-03-07T00:00:00
db:BIDid:65982date:2014-03-05T00:00:00
db:JVNDBid:JVNDB-2014-001583date:2014-03-07T00:00:00
db:CNNVDid:CNNVD-201403-136date:2014-03-11T00:00:00
db:NVDid:CVE-2014-0705date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-01524date:2014-03-07T00:00:00
db:VULHUBid:VHN-68198date:2014-03-06T00:00:00
db:BIDid:65982date:2014-03-05T00:00:00
db:JVNDBid:JVNDB-2014-001583date:2014-03-07T00:00:00
db:CNNVDid:CNNVD-201403-136date:2014-03-11T00:00:00
db:NVDid:CVE-2014-0705date:2014-03-06T11:55:05.380