CVE-2014-0704

EUVD-2014-0735
The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a denial of service (memory over-read and device restart) via a crafted field in an IGMPv3 message, aka Bug ID CSCuh33240.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Affected Products (NVD)
VendorProductVersion
ciscowireless_lan_controller_software
4.0
ciscowireless_lan_controller_software
4.0.108
ciscowireless_lan_controller_software
4.0.155.0
ciscowireless_lan_controller_software
4.0.155.5
ciscowireless_lan_controller_software
4.0.179.8
ciscowireless_lan_controller_software
4.0.179.11
ciscowireless_lan_controller_software
4.0.196
ciscowireless_lan_controller_software
4.0.206.0
ciscowireless_lan_controller_software
4.0.217.0
ciscowireless_lan_controller_software
4.0.219.0
ciscowireless_lan_controller_software
4.1
ciscowireless_lan_controller_software
4.1.171.0
ciscowireless_lan_controller_software
4.1.181.0
ciscowireless_lan_controller_software
4.1.185.0
ciscowireless_lan_controller_software
4.1m:m
ciscowireless_lan_controller_software
4.2
ciscowireless_lan_controller_software
4.2.61.0
ciscowireless_lan_controller_software
4.2.99.0
ciscowireless_lan_controller_software
4.2.112.0
ciscowireless_lan_controller_software
4.2.117.0
ciscowireless_lan_controller_software
4.2.130.0
ciscowireless_lan_controller_software
4.2.173.0
ciscowireless_lan_controller_software
4.2.174.0
ciscowireless_lan_controller_software
4.2.176.0
ciscowireless_lan_controller_software
4.2.182.0
ciscowireless_lan_controller_software
4.2m:m
ciscowireless_lan_controller_software
5.0
ciscowireless_lan_controller_software
5.0.148.0
ciscowireless_lan_controller_software
5.0.148.2
ciscowireless_lan_controller_software
5.1
ciscowireless_lan_controller_software
5.1.151.0
ciscowireless_lan_controller_software
5.1.152.0
ciscowireless_lan_controller_software
5.1.160.0
ciscowireless_lan_controller_software
5.2
ciscowireless_lan_controller_software
5.2.157.0
ciscowireless_lan_controller_software
5.2.169.0
ciscowireless_lan_controller_software
6.0
ciscowireless_lan_controller_software
6.0.182.0
ciscowireless_lan_controller_software
6.0.188.0
ciscowireless_lan_controller_software
6.0.196.0
ciscowireless_lan_controller_software
6.0.199.0
ciscowireless_lan_controller_software
6.0.199.4
ciscowireless_lan_controller_software
7.0
ciscowireless_lan_controller_software
7.0.98.0
ciscowireless_lan_controller_software
7.0.220.0
ciscowireless_lan_controller_software
7.0.235.0
ciscowireless_lan_controller_software
7.1
ciscowireless_lan_controller_software
7.1.91.0
ciscowireless_lan_controller_software
7.2
ciscowireless_lan_controller_software
7.2.103.0
ciscowireless_lan_controller_software
7.2.110.0
ciscowireless_lan_controller_software
7.3
ciscowireless_lan_controller_software
7.3.101.0
ciscowireless_lan_controller
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc