Strix
26.1K

CVE-2009-1167

UnknownEPSS 2.15%

Last modified

CVE-2009-1167 is a vulnerability of currently unknown severity. Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672.. EPSS estimates a 2.15% chance of exploitation in the next 30 days.

Description

Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672.

Metrics

EPSS Probability
2.15%

79.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
CiscoCatalyst 3750gAll versions
CiscoCisco 1500 Wireless Lan Controller4.1
CiscoCisco 1500 Wireless Lan Controller4.1m
CiscoCisco 1500 Wireless Lan Controller4.2
CiscoCisco 1500 Wireless Lan Controller5.0
CiscoCisco 1500 Wireless Lan Controller5.1
CiscoCisco 1500 Wireless Lan Controller5.2
CiscoCisco 2000 Wireless Lan Controller4.1
CiscoCisco 2000 Wireless Lan Controller4.1m
CiscoCisco 2000 Wireless Lan Controller4.2
CiscoCisco 2000 Wireless Lan Controller5.0
CiscoCisco 2000 Wireless Lan Controller5.1
CiscoCisco 2000 Wireless Lan Controller5.2
CiscoCisco 2100 Wireless Lan Controller4.1
CiscoCisco 2100 Wireless Lan Controller4.1m
CiscoCisco 2100 Wireless Lan Controller4.2
CiscoCisco 2100 Wireless Lan Controller5.0
CiscoCisco 2100 Wireless Lan Controller5.1
CiscoCisco 2100 Wireless Lan Controller5.2
CiscoCisco 4100 Wireless Lan Controller4.1
CiscoCisco 4100 Wireless Lan Controller4.1m
CiscoCisco 4100 Wireless Lan Controller4.2
CiscoCisco 4100 Wireless Lan Controller5.0
CiscoCisco 4100 Wireless Lan Controller5.1
CiscoCisco 4100 Wireless Lan Controller5.2
CiscoCisco 4200 Wireless Lan Controller4.1
CiscoCisco 4200 Wireless Lan Controller4.1m
CiscoCisco 4200 Wireless Lan Controller4.2
CiscoCisco 4200 Wireless Lan Controller5.0
CiscoCisco 4200 Wireless Lan Controller5.1
CiscoCisco 4200 Wireless Lan Controller5.2
CiscoCisco 4400 Wireless Lan Controller4.1
CiscoCisco 4400 Wireless Lan Controller4.1m
CiscoCisco 4400 Wireless Lan Controller4.2
CiscoCisco 4400 Wireless Lan Controller5.0
CiscoCisco 4400 Wireless Lan Controller5.1
CiscoCisco 4400 Wireless Lan Controller5.2

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2009-1167?
Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672.
How severe is CVE-2009-1167?
Severity scoring for CVE-2009-1167 is pending analysis. The EPSS model estimates a 2.15% probability of exploitation in the next 30 days.
How do I fix CVE-2009-1167?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-1167?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST