CVE-2014-0701 : Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and

Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service (reboot) by sending WebAuth login requests at a high rate, aka Bug ID CSCuf52361.

Published 2014-03-06 11:55:05

Updated 2025-04-12 10:46:41

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2014-0701

Cisco » Wireless Lan Controller Software » Version: 7.2
cpe:2.3:o:cisco:wireless_lan_controller_software:7.2:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.0
cpe:2.3:o:cisco:wireless_lan_controller_software:7.0:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.2.110.0
cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.110.0:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.3
cpe:2.3:o:cisco:wireless_lan_controller_software:7.3:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.3.101.0
cpe:2.3:o:cisco:wireless_lan_controller_software:7.3.101.0:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.0.220.0
cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.220.0:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.2.103.0
cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.103.0:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.0.235.0
cpe:2.3:o:cisco:wireless_lan_controller_software:7.0.235.0:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.4.100.0
cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.100.0:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller
Cisco » Wireless Lan Controller Software » Version: 7.4.100.60
cpe:2.3:o:cisco:wireless_lan_controller_software:7.4.100.60:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Wireless Lan Controller

Exploit prediction scoring system (EPSS) score for CVE-2014-0701

EPSS FAQ

0.39%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 57 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-0701

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2014-0701

CWE-399

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-0701

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc

Multiple Vulnerabilities in Cisco Wireless LAN Controllers
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2014-0701

Products affected by CVE-2014-0701

Exploit prediction scoring system (EPSS) score for CVE-2014-0701

CVSS scores for CVE-2014-0701

CWE ids for CVE-2014-0701

References for CVE-2014-0701