CVE-2013-3474
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
30/08/2013
Last modified:
11/04/2025
Description
The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authenticated users to cause a denial of service (device crash) by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request that (1) lacks a parameter value or (2) contains a malformed parameter value, aka Bug IDs CSCuh14313, CSCuh14159, CSCuh14368, and CSCuh14436.
Impact
Base Score 2.0
6.30
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:h:cisco:wireless_lan_controller:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://osvdb.org/96763
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3474
- http://www.securityfocus.com/bid/62084
- http://www.securitytracker.com/id/1028970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86811
- http://osvdb.org/96763
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3474
- http://www.securityfocus.com/bid/62084
- http://www.securitytracker.com/id/1028970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86811