{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco Wireless Services Modules (WISM) ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 2100 Series WLC ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 5500 Series WLC ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Flex 7500 Series Cloud Controllers.","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 4100 Series WLC ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Catalyst 3750G Integrated WLCs ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco NM-AIR-WLC Modules for Integrated Services Routers ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 500 Series Wireless Express Mobility Controllers ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 2500 Series WLC ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco NME-AIR-WLC Modules for Integrated Services Routers ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Wireless Services Modules version 2 (WSIM version 2) ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 2000 Series WLC ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 4400 Series WLC ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cisco Wireless LAN\nControllers :\n\n- un attaquant distant peut, sans authentification, provoquer un arr\u00eat\n inopin\u00e9 du mat\u00e9riel en soumettant une URL mal form\u00e9e \u00e0 l'interface\n de gestion (CVE-2012-0368) ;\n- un attaquant distant peut, sans authentification, provoquer un\n red\u00e9marrage du mat\u00e9riel en envoyant une s\u00e9rie de paquets IPv6\n (CVE-2012-0369) ;\n- un attaquant distant peut, sans authentification, provoquer un\n red\u00e9marrage du mat\u00e9riel en envoyant une s\u00e9rie de paquets HTTP ou\n HTTPS (CVE-2012-0370) ;\n- un attaquant distant peut, dans certains cas, se connecter sans\n authentification au contr\u00f4leur via le port 1023/tcp et en modifier\n la configuration. Cette vuln\u00e9rabilit\u00e9 n'affecte que Cisco 4400\n Series WLC, WISM (version 1) et Cisco Catalyst 3750G Integrated WLCs\n (CVE-2012-0371).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-0370","url":"https://www.cve.org/CVERecord?id=CVE-2012-0370"},{"name":"CVE-2012-0369","url":"https://www.cve.org/CVERecord?id=CVE-2012-0369"},{"name":"CVE-2012-0371","url":"https://www.cve.org/CVERecord?id=CVE-2012-0371"},{"name":"CVE-2012-0368","url":"https://www.cve.org/CVERecord?id=CVE-2012-0368"}],"links":[],"reference":"CERTA-2012-AVI-107","revisions":[{"description":"version initiale.","revision_date":"2012-03-01T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans Cisco Wireless LAN\nControllers permettent de r\u00e9aliser des d\u00e9nis de service \u00e0\ndistance et de modifier la configuration du mat\u00e9riel.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Cisco Wireless LAN Controllers","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20120229-wlc du 29 f\u00e9vrier 2012","url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"}]}