CVE-2013-1104

The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636.

Published: Jan 24, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-1104
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / 2000_wireless_lan_controller	-	-
cisco / 2100_wireless_lan_controller	-	-
cisco / 4100_wireless_lan_controller	-	-
cisco / 4400_wireless_lan_controller	-	-
cisco / wireless_lan_controller_software	7.3.101.0	7.3.101.0.x

http://osvdb.org/89533
http://secunia.com/advisories/51965
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc
http://www.securityfocus.com/bid/57524
http://www.securitytracker.com/id/1028027
https://exchange.xforce.ibmcloud.com/vulnerabilities/81489

Vulnerability Database

289,784

CVE-2013-1104