CVE-2007-2039 — MEDIUM (6.1)

Q: How severe is CVE-2007-2039?

CVE-2007-2039 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2007-2039?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Controller Software.

Vulnerability Description

The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841.

CVSS Score

6.1

MEDIUM

AV:A/AC:L/Au:N/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Wireless Lan Controller Software	>= 3.2, < 3.2.171.5

Related Weaknesses (CWE)

CWE-399

References

http://securitytracker.com/id?1017908Third Party AdvisoryVDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtmlPatchVendor Advisory
http://www.osvdb.org/34137Broken Link
http://www.osvdb.org/34139Broken Link
http://www.securityfocus.com/bid/23461Third Party AdvisoryVDB Entry
http://www.vupen.com/english/advisories/2007/1368Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33609Third Party AdvisoryVDB Entry
http://securitytracker.com/id?1017908Third Party AdvisoryVDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtmlPatchVendor Advisory
http://www.osvdb.org/34137Broken Link
http://www.osvdb.org/34139Broken Link
http://www.securityfocus.com/bid/23461Third Party AdvisoryVDB Entry
http://www.vupen.com/english/advisories/2007/1368Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33609Third Party AdvisoryVDB Entry

FAQ

What is CVE-2007-2039?

CVE-2007-2039 is a vulnerability with a CVSS score of 6.1 (MEDIUM). The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial o...

How severe is CVE-2007-2039?

CVE-2007-2039 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-2039?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Controller Software.