var-200908-0530
Vulnerability from variot
The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. Aironet 1200 is prone to a denial-of-service vulnerability. Cisco Aironet wireless access points (APs) are very popular wireless access network devices. Aironet wireless AP devices send the content of some multicast data frames in plain text, and remote attackers can obtain sensitive information such as the MAC address, IP address, and AP configuration of the wireless LAN controller by sniffing the wireless network. This paper associates devices with malicious controllers so that wireless clients cannot access legitimate network resources. This is a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200908-0530",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "aironet ap1200",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "aironet ap1100",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "aironet ap1100 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "aironet ap1200 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "aironet ap1100",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "aironet ap1200",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "aironet",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1200"
},
{
"model": "aironet",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1100"
}
],
"sources": [
{
"db": "BID",
"id": "79399"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"db": "NVD",
"id": "CVE-2009-2861"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_ap1100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2861"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AirMagnet",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
],
"trust": 0.6
},
"cve": "CVE-2009-2861",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-2861",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "VHN-40307",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-2861",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200908-440",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-40307",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40307"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"db": "NVD",
"id": "CVE-2009-2861"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka \"SkyJack\" or Bug ID CSCtb56664. Aironet 1200 is prone to a denial-of-service vulnerability. Cisco Aironet wireless access points (APs) are very popular wireless access network devices. Aironet wireless AP devices send the content of some multicast data frames in plain text, and remote attackers can obtain sensitive information such as the MAC address, IP address, and AP configuration of the wireless LAN controller by sniffing the wireless network. This paper associates devices with malicious controllers so that wireless clients cannot access legitimate network resources. This is a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2861"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"db": "BID",
"id": "79399"
},
{
"db": "VULHUB",
"id": "VHN-40307"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-2861",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1022774",
"trust": 2.0
},
{
"db": "BID",
"id": "36145",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2009-2419",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003679",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200908-440",
"trust": 0.7
},
{
"db": "BID",
"id": "79399",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-40307",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40307"
},
{
"db": "BID",
"id": "79399"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"db": "NVD",
"id": "CVE-2009-2861"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
]
},
"id": "VAR-200908-0530",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-40307"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:15:21.520000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IntelliShield ID: 18919",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=18919"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"db": "NVD",
"id": "CVE-2009-2861"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/36145"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=18919"
},
{
"trust": 2.0,
"url": "http://www.airmagnet.com/assets/am_technote_skyjack_082509.pdf"
},
{
"trust": 2.0,
"url": "http://www.airmagnet.com/news/press_releases/2009/08252009.php"
},
{
"trust": 2.0,
"url": "http://securitytracker.com/id?1022774"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/2419"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2861"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2861"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40307"
},
{
"db": "BID",
"id": "79399"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"db": "NVD",
"id": "CVE-2009-2861"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-40307"
},
{
"db": "BID",
"id": "79399"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"db": "NVD",
"id": "CVE-2009-2861"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-27T00:00:00",
"db": "VULHUB",
"id": "VHN-40307"
},
{
"date": "2009-08-27T00:00:00",
"db": "BID",
"id": "79399"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"date": "2009-08-27T17:00:01.077000",
"db": "NVD",
"id": "CVE-2009-2861"
},
{
"date": "2009-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-40307"
},
{
"date": "2009-08-27T00:00:00",
"db": "BID",
"id": "79399"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003679"
},
{
"date": "2009-08-28T04:00:00",
"db": "NVD",
"id": "CVE-2009-2861"
},
{
"date": "2009-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Aironet Lightweight Access Point Such as OTAP Service disruption in functionality (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003679"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-440"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.