Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1104

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2013-1104
Last Modified 03 Jul 2013 01:02:23
Published 24 Jan 2013 04:55:05
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2013-1104

Summary

The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636.

Vulnerable Systems

Operating System

  • Cisco Wireless Lan Controller Software 7.3.101.0


References

CISCO - 20130123 Multiple Vulnerabilities in Cisco Wireless LAN Controllers

XF - cisco-wlc-profiling-code-exec(81489)

SECTRACK - 1028027

BID - 57524

SECUNIA - 51965

OSVDB - 89533


Last Updated: 27 May 2016 11:01:43