Vulnerability Description
A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a missing internal handler for the specific request. An attacker could exploit this vulnerability by accessing a specific hidden URL on the GUI web management interface. A successful exploit could allow the attacker to cause a reload of the device, resulting in a DoS condition. This vulnerability affects only the Cisco Wireless LAN Controller 8.3.102.0 release. Cisco Bug IDs: CSCvb48198.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wireless Lan Controller Firmware | 8.3.102.0 |
| Cisco | Wireless Lan Controller | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97421Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038184Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/97421Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038184Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2017-3832?
CVE-2017-3832 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affec...
How severe is CVE-2017-3832?
CVE-2017-3832 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-3832?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Controller Firmware, Cisco Wireless Lan Controller.