CVE-2015-6258 — MEDIUM (5.0)

Vulnerability Description

The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted IPv6 packets, aka Bug ID CSCuv40033.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Wireless Lan Controller Software	8.1.104.37

Related Weaknesses (CWE)

CWE-20

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=40586Vendor Advisory
http://www.securitytracker.com/id/1033360Third Party AdvisoryVDB Entry
http://tools.cisco.com/security/center/viewAlert.x?alertId=40586Vendor Advisory
http://www.securitytracker.com/id/1033360Third Party AdvisoryVDB Entry

FAQ

What is CVE-2015-6258?

CVE-2015-6258 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted IP...

How severe is CVE-2015-6258?

CVE-2015-6258 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-6258?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Controller Software.