VAR-200207-0089
Vulnerability from variot - Updated: 2023-12-18 13:58Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. The Cisco Aironet product family provides wireless LAN (WLAN) support for a wide range of applications. A vulnerability has been reported in some Aironet products. If telnet access to the device is enabled, an attacker is able to cause the device to reboot. Authentication is not required, although it must be supported. This vulnerability cannot be triggered through the WEB interface
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200207-0089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "aironet ap350",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "11.21"
},
{
"model": "aironet ap350",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "11.21"
},
{
"model": "aironet ap340",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "11.21"
},
{
"model": "aironet ap340",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.21"
},
{
"model": "br350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br340",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "aironet",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4800"
},
{
"model": "aironet",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4500"
},
{
"model": "aironet",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
},
{
"model": "aironet",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
}
],
"sources": [
{
"db": "BID",
"id": "4461"
},
{
"db": "NVD",
"id": "CVE-2002-0545"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_ap350:11.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_ap340:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.21",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_ap350:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.21",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0545"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Systems Product Security Incident Response Team\u203b psirt@cisco.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0545",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-4937",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0545",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200207-003",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-4937",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4937"
},
{
"db": "NVD",
"id": "CVE-2002-0545"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. The Cisco Aironet product family provides wireless LAN (WLAN) support for a wide range of applications. \nA vulnerability has been reported in some Aironet products. If telnet access to the device is enabled, an attacker is able to cause the device to reboot. Authentication is not required, although it must be supported. This vulnerability cannot be triggered through the WEB interface",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0545"
},
{
"db": "BID",
"id": "4461"
},
{
"db": "VULHUB",
"id": "VHN-4937"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4461",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-0545",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200207-003",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20020409 AIRONET TELNET VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "8788",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4937",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4937"
},
{
"db": "BID",
"id": "4461"
},
{
"db": "NVD",
"id": "CVE-2002-0545"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
]
},
"id": "VAR-200207-0089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4937"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:58:42.052000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0545"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4461"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/warp/public/707/aironet-telnet.shtml"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/8788.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4937"
},
{
"db": "NVD",
"id": "CVE-2002-0545"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4937"
},
{
"db": "BID",
"id": "4461"
},
{
"db": "NVD",
"id": "CVE-2002-0545"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-07-03T00:00:00",
"db": "VULHUB",
"id": "VHN-4937"
},
{
"date": "2002-04-09T00:00:00",
"db": "BID",
"id": "4461"
},
{
"date": "2002-07-03T04:00:00",
"db": "NVD",
"id": "CVE-2002-0545"
},
{
"date": "2002-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-4937"
},
{
"date": "2002-04-09T00:00:00",
"db": "BID",
"id": "4461"
},
{
"date": "2008-09-05T20:28:18.273000",
"db": "NVD",
"id": "CVE-2002-0545"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Aironet Telnet Verify that there is a denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200207-003"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…