ID
VAR-201604-0559
CVE
CVE-2016-1362
TITLE
Cisco Wireless LAN Controller Runs on the device AireOS Service disruption in (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCun86747. The Cisco WLC is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. Attackers can exploit this issue to crash and reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCun86747. Cisco WLC Up Cisco AireOS There are security holes in . The following versions are affected: Cisco AireOS 4.1 version to 7.4.120.0 Version, 7.5.x Version, 7.6.100.0 Version
Trust: 2.52
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | aireos | scope: | eq | version: | 7.6 | Trust: 1.6 |
| vendor: | cisco | model: | aireos | scope: | eq | version: | 7.5_base | Trust: 1.6 |
| vendor: | cisco | model: | aireos | scope: | eq | version: | 4.1_base | Trust: 1.6 |
| vendor: | cisco | model: | aireos | scope: | eq | version: | 7.4 | Trust: 1.6 |
| vendor: | cisco | model: | aireos | scope: | eq | version: | 4.1 to 7.4.120.0 | Trust: 0.8 |
| vendor: | cisco | model: | aireos | scope: | eq | version: | 7.5.x | Trust: 0.8 |
| vendor: | cisco | model: | aireos | scope: | eq | version: | 7.6.100.0 | Trust: 0.8 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 7.5.x | Trust: 0.6 |
| vendor: | cisco | model: | wireless lan controller | scope: | gte | version: | 4.1<=7.4.120.0 | Trust: 0.6 |
| vendor: | cisco | model: | wireless lan controller | scope: | eq | version: | 7.6.100.0 | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-399 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | cisco-sa-20160420-wlc | url: | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc | Trust: 0.8 |
| title: | Cisco WirelessLANControllerWeb Management Interface Denial of Service Vulnerability Patch | url: | https://www.cnvd.org.cn/patchInfo/show/74544 | Trust: 0.6 |
| title: | Cisco Wireless LAN Controller AireOS Remediation measures for denial of service vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61200 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2016-1362 | Trust: 3.4 |
| db: | SECTRACK | id: | 1035634 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2016-002358 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201604-511 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2016-02519 | Trust: 0.6 |
| db: | BID | id: | 86772 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-90181 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160420-wlc | Trust: 2.3 |
| url: | http://www.securitytracker.com/id/1035634 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1362 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1362 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2016-02519 |
| db: | VULHUB | id: | VHN-90181 |
| db: | BID | id: | 86772 |
| db: | JVNDB | id: | JVNDB-2016-002358 |
| db: | CNNVD | id: | CNNVD-201604-511 |
| db: | NVD | id: | CVE-2016-1362 |
LAST UPDATE DATE
2025-04-13T23:18:00.424000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2016-02519 | date: | 2016-04-26T00:00:00 |
| db: | VULHUB | id: | VHN-90181 | date: | 2016-12-03T00:00:00 |
| db: | BID | id: | 86772 | date: | 2016-04-20T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-002358 | date: | 2016-05-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-201604-511 | date: | 2016-04-22T00:00:00 |
| db: | NVD | id: | CVE-2016-1362 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2016-02519 | date: | 2016-04-26T00:00:00 |
| db: | VULHUB | id: | VHN-90181 | date: | 2016-04-21T00:00:00 |
| db: | BID | id: | 86772 | date: | 2016-04-20T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-002358 | date: | 2016-05-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-201604-511 | date: | 2016-04-22T00:00:00 |
| db: | NVD | id: | CVE-2016-1362 | date: | 2016-04-21T11:00:00.493 |