VAR-201403-0209
Vulnerability from variot - Updated: 2025-04-13 23:10The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233. Vendors have confirmed this vulnerability Bug ID CSCuh74233 It is released as.Malformed by a third party IPv6 MLDv2 Service disruption via packets ( Reboot device ) There is a possibility of being put into a state. The Cisco Wireless LAN Controller is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. Attackers can exploit this issue to cause the affected device to restart, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuh74233
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0209",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.3.101.0"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.4.100.60"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.2.110.0"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.4.100.0"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.2.103.0"
},
{
"model": "wireless lan controller",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "wireless lan controller software",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.4.121.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:wireless_lan_controller",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:wireless_lan_controller_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "65982"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0705",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0705",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-01524",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-68198",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0705",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0705",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-01524",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-136",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-68198",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233. Vendors have confirmed this vulnerability Bug ID CSCuh74233 It is released as.Malformed by a third party IPv6 MLDv2 Service disruption via packets ( Reboot device ) There is a possibility of being put into a state. The Cisco Wireless LAN Controller is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. \nAttackers can exploit this issue to cause the affected device to restart, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuh74233",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0705"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "BID",
"id": "65982"
},
{
"db": "VULHUB",
"id": "VHN-68198"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0705",
"trust": 3.4
},
{
"db": "BID",
"id": "65982",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-01524",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "57128",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20140305 MULTIPLE VULNERABILITIES IN CISCO WIRELESS LAN CONTROLLERS",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-61671",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-68198",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "BID",
"id": "65982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"id": "VAR-201403-0209",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
}
],
"trust": 1.2343109399999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
}
]
},
"last_update_date": "2025-04-13T23:10:18.676000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "30830",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=30830"
},
{
"title": "cisco-sa-20140305-wlc",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc"
},
{
"title": "33101",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33101"
},
{
"title": "cisco-sa-20140305-wlc",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1122/1122122_cisco-sa-20140305-wlc-j.html"
},
{
"title": "\\302\\240\\302\\240Patch for Cisco Wireless LAN Controller Remote Denial of Service Vulnerability (CNVD-2014-01524)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/44105"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140305-wlc"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0705"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0705"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57128"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "BID",
"id": "65982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"db": "VULHUB",
"id": "VHN-68198"
},
{
"db": "BID",
"id": "65982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"date": "2014-03-06T00:00:00",
"db": "VULHUB",
"id": "VHN-68198"
},
{
"date": "2014-03-05T00:00:00",
"db": "BID",
"id": "65982"
},
{
"date": "2014-03-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"date": "2014-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"date": "2014-03-06T11:55:05.380000",
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01524"
},
{
"date": "2014-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-68198"
},
{
"date": "2014-03-05T00:00:00",
"db": "BID",
"id": "65982"
},
{
"date": "2014-03-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001583"
},
{
"date": "2014-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-136"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-0705"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Wireless LAN Controller Service disruption in device multicast listener discovery service (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001583"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-136"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…