1. Home
  2. CVE Database
  3. CVE-2007-4011
HIGH · 7.1

CVE-2007-4011

Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cau...

Vulnerability Description

Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request that (1) has a destination MAC address unknown to the Layer-2 infrastructure, aka CSCsj69233; or (2) occurs during Layer-3 roaming across IP subnets, aka CSCsj70841.

CVSS Score

7.1

HIGH

AV:N/AC:M/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
Cisco4100 Wireless Lan ControllerAll versions
Cisco4400 Wireless Lan ControllerAll versions
CiscoAirespace 4000 Wireless Lan ControllerAll versions
CiscoCatalyst 3750All versions
CiscoCatalyst 6500All versions
CiscoWireless Lan Controller Software3.2

References

FAQ

What is CVE-2007-4011?

CVE-2007-4011 is a vulnerability with a CVSS score of 7.1 (HIGH). Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cau...

How severe is CVE-2007-4011?

CVE-2007-4011 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-4011?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco 4100 Wireless Lan Controller, Cisco 4400 Wireless Lan Controller, Cisco Airespace 4000 Wireless Lan Controller, Cisco Catalyst 3750, Cisco Catalyst 6500.