7.8
CVE-2009-0059
- EPSS 0.99%
- Published 05.02.2009 00:30:00
- Last modified 09.04.2025 00:30:58
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ 4400 Wireless Lan Controller Version4.1
Cisco ≫ 4400 Wireless Lan Controller Version4.2
Cisco ≫ 4400 Wireless Lan Controller Version5.2
Cisco ≫ Catalyst 7600 Series Wireless Lan Controller Version4.1
Cisco ≫ Catalyst 7600 Series Wireless Lan Controller Version4.2
Cisco ≫ Catalyst 7600 Series Wireless Lan Controller Version5.2
Cisco ≫ Wireless Lan Controller Software Version4.1
Cisco ≫ Wireless Lan Controller Software Version4.2
Cisco ≫ Wireless Lan Controller Software Version5.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.99% | 0.748 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.