CVE-2014-0703

critical

Published 2014-03-06 · Modified 2026-05-06

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers to bypass intended access restrictions by connecting to an Aironet access point on which this server had been disabled ineffectively, aka Bug ID CSCuf66202.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc

CWEs

CWE-362

Verify integrity in audit chain (admin only). AS-IS.