CVE-2013-3474

EUVD-2013-3409
The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authenticated users to cause a denial of service (device crash) by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request that (1) lacks a parameter value or (2) contains a malformed parameter value, aka Bug IDs CSCuh14313, CSCuh14159, CSCuh14368, and CSCuh14436.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
ciscowireless_lan_controller
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/96763
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3474
http://www.securityfocus.com/bid/62084
http://www.securitytracker.com/id/1028970
https://exchange.xforce.ibmcloud.com/vulnerabilities/86811
http://osvdb.org/96763
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3474
http://www.securityfocus.com/bid/62084
http://www.securitytracker.com/id/1028970
https://exchange.xforce.ibmcloud.com/vulnerabilities/86811