漏洞类别:General remote services
漏洞等级: 
漏洞信息
Cisco Wireless LAN Controller helps manage light-weight access points in large quantities by the network administrator or network operations center.
CVE-2013-3474: Cisco Wireless LAN Controller Software contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service condition on a targeted system by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request that (1) lacks a parameter value or (2) contains a malformed parameter value; aka Bug IDs CSCuh14313, CSCuh14159, CSCuh14368, and CSCuh14436.
CVE-2013-6684:The web framework on Cisco Wireless LAN Controller (WLC) devices does not properly validate configuration parameters, which allows remote authenticated users to cause a denial of service via a crafted HTTP request, aka Bug ID CSCuh81011.
漏洞危害
Successful exploitation allows remote, authenticated users to cause a denial of service (device crash) on a targeted system.
解决方案
Customers are advised to refer to Cisco Security Advisory 30618 for details pertaining to remediating this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论