PT-2015-4838 · Cisco · Cisco Wireless Lan Controller
Published: 2015-05-08 · Updated: 2017-01-06 · CVE-2015-0723
CVSS v2.0: 6.1 (Medium)
Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Cisco Wireless LAN Controller (WLC) versions 7.5.x through 7.6.119
Description
A denial of service issue exists due to improper input sanitization of a certain value supplied by a user prior to authentication. An attacker could exploit this by sending a request that triggers the issue, causing a process crash and device restart. The vulnerability can be exploited by an unauthenticated, adjacent attacker with access to the same broadcast or collision domain as the targeted device.
Recommendations
For versions 7.5.x through 7.6.119, update to a fixed software version, such as 7.6.120 or later, to resolve the issue. As a temporary workaround, consider restricting access to the wireless web authentication subsystem to minimize the risk of exploitation.
Fix
DoS
Affected Products
Cisco Wireless Lan Controller
Cisco Wls