Vulnerability Description
The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service (device reload) via crafted mDNS packets, aka Bug ID CSCue04153.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wireless Lan Controller Software | <= 7.4.1.54 |
| Cisco | Wireless Lan Controller | All versions |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1141Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=28417Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1141Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=28417Vendor Advisory
FAQ
What is CVE-2013-1141?
CVE-2013-1141 is a vulnerability with a CVSS score of 6.1 (MEDIUM). The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a d...
How severe is CVE-2013-1141?
CVE-2013-1141 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1141?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Controller Software, Cisco Wireless Lan Controller.