CVE-2014-0701

Name of the Vulnerable Software and Affected Versions Cisco Wireless LAN Controller (WLC) versions 7.0 through 7.0.249.0 Cisco Wireless LAN Controller (WLC) version 7.2 Cisco Wireless LAN Controller (WLC) version 7.3 Cisco Wireless LAN Controller (WLC) versions 7.4 through 7.4.109.0

Description The issue exists due to incorrect memory deallocation in Cisco Wireless LAN Controller (WLC) devices, allowing remote attackers to cause a denial of service (reboot) by sending WebAuth login requests at a high rate.

Recommendations For versions 7.0 through 7.0.249.0, update to version 7.0.250.0 or later. For version 7.2, update to a fixed version, as no specific fixed version is mentioned for this version. For version 7.3, update to a fixed version, as no specific fixed version is mentioned for this version. For versions 7.4 through 7.4.109.0, update to version 7.4.110.0 or later. As a temporary workaround, consider restricting access to the WebAuth login feature to minimize the risk of exploitation.