—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Cisco Security Advisory: Cisco Wireless LAN Controller Management GUI Denial of Service Vulnerability
Advisory ID: cisco-sa-20170405-wlc3
Revision: 1.0
For Public Release: 2017 April 5 16:00 GMT
Last Updated: 2017 April 5 16:00 GMT
CVE ID(s): CVE-2017-3832
CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
+———————————————————————
Summary
=======
A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
The vulnerability is due to a missing internal handler for the specific request. An attacker could exploit this vulnerability by accessing a specific hidden URL on the web management interface. A successful exploit could allow the attacker to cause a reload of the device, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-wlc3 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-wlc3”]
—–BEGIN PGP SIGNATURE—–
iQKBBAEBAgBrBQJY5RUBZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHmzBw//XFeVmnZYBr43cDNl
On+2wDW8lPUqj4F8fzcxPJL1OjrcfQNstxbFaKRbQM34QpHzQ0mEArW2V9ATBVnW
pBCN8NbhKe/5GTc388kmd3FyXkwfhxej7YVjBx12WToLERlWd0wivdK6gQu0WDQN
M9wJFnZP5iUEfsmCqr5f8lxYxqI0YKfgzYUTEynqdUR5o+qyQGZzYrW6b93vDcoB
hlt51sDiqDysRirBP4qHHJp0qPEq6qHIdE3Gv4EELEs2zfon03rCUHOGQ50MAy53
iBMRu9xUqUlDWm8ihfkrs8ADzHetLuBl/cXv9mMuSke2Joii1eiSqTxYmj5E0XRl
2PKy3P8fPUc1VaOun1/jGuxIarVSZXEdjDReRRKDGNSLSyev0mwDplyKFYq/cKCS
bYFPkYMzcdvD00P286krWPnDwd9OfYyOxdScahi27cg9crNmKsqVfHf8ZgO/R3kl
eZoONLDalLO/FLLqQYjPuMsV8IT3RvCgUvQNZk019/V28p3rfx5DaZc50b2YJP9N
7jyg1dcdEg8B6CfHdd5a9SRWZbpOnJKqO2t5KV9ThPqFmBNZwqxgyO5TFUmqJo+V
wMtFOQkJ/Tb7W8uaAEngUxCOkbuqi1FI7CBbtkc7OmpZbYo8/v6ysw8dwDGslSFy
FpuNd3aUdREzb4t0b7P92HOHDdw=
=6aS4
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com