CVE-2014-3291

Name: CVE-2014-3291
Creator: NVD / NIST
Published: 2014-06-08T16:55:02.877+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.02%

Last modified Jun 17, 2026

CVE-2014-3291 is a vulnerability of currently unknown severity. Cisco Wireless LAN Controller (WLC) devices allow remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a zero value in Cisco Discovery Protocol packet data that is not properly handled during SNMP polling, aka Bug ID CSCuo12321.. EPSS estimates a 1.02% chance of exploitation in the next 30 days.

Description

Cisco Wireless LAN Controller (WLC) devices allow remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a zero value in Cisco Discovery Protocol packet data that is not properly handled during SNMP polling, aka Bug ID CSCuo12321.

Metrics

EPSS Probability

1.02%

59.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Cisco	Wireless Lan Controller	All versions

References

http://secunia.com/advisories/57895Permissions Required
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3291Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=34558Vendor Advisory
http://www.securityfocus.com/bid/67926Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1030410Third Party Advisory, VDB Entry
http://secunia.com/advisories/57895Permissions Required
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3291Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=34558Vendor Advisory
http://www.securityfocus.com/bid/67926Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1030410Third Party Advisory, VDB Entry

Timeline

Published: Jun 8, 2014
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2014-3291?

How severe is CVE-2014-3291?

Severity scoring for CVE-2014-3291 is pending analysis. The EPSS model estimates a 1.02% probability of exploitation in the next 30 days.

How do I fix CVE-2014-3291?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-3291?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST