Vulnerability Description
A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the SSH process is not properly deleted when an SSH connection to the device is disconnected. An attacker could exploit this vulnerability by repeatedly opening SSH connections to an affected device. A successful exploit could allow the attacker to exhaust system resources by initiating multiple SSH connections to the device that are not effectively terminated, which could result in a DoS condition.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | 5520 Wireless Lan Controller Firmware | <= 8.5.140.0 |
| Cisco | 5520 Wireless Lan Controller | - |
| Cisco | 5508 Wireless Lan Controller Firmware | <= 8.5.140.0 |
| Cisco | 5508 Wireless Lan Controller | - |
Related Weaknesses (CWE)
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2019-15262?
CVE-2019-15262 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) conditi...
How severe is CVE-2019-15262?
CVE-2019-15262 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-15262?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco 5520 Wireless Lan Controller Firmware, Cisco 5520 Wireless Lan Controller, Cisco 5508 Wireless Lan Controller Firmware, Cisco 5508 Wireless Lan Controller.