PT-2016-1107 · Cisco · Cisco Wireless Lan Controller+1

Published

2016-01-13

Updated

2021-04-16

CVE-2015-6314

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Wireless LAN Controller versions 7.6.x through 8.0 before 8.0.121.0 Cisco Wireless LAN Controller versions 8.1 before 8.1.131.0

Description The issue is related to weaknesses in the authentication procedure of the Cisco wireless LAN controller software. It may allow a remote attacker to modify configuration settings. An unauthenticated, remote attacker could exploit this issue to change the configuration of the device, potentially compromising it completely.

Recommendations For Cisco Wireless LAN Controller versions 7.6.x through 8.0 before 8.0.121.0, upgrade to version 8.0.121.0 or later. For Cisco Wireless LAN Controller versions 8.1 before 8.1.131.0, upgrade to version 8.1.131.0 or later.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

BDU:2016-00301

CVE-2015-6314

Affected Products

Cisco Wireless Lan Controller

Cisco Wls

PT-2016-1107 · Cisco · Cisco Wireless Lan Controller+1

CVE-2015-6314

Weakness Enumeration

Related Identifiers

Affected Products

References · 6