VAR-201303-0052
Vulnerability from variot - Updated: 2023-12-18 12:09The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460. Cisco Aironet Access Points are Cisco's wireless access point and bridge devices. Allows an attacker to reload an affected device, causing a denial of service attack. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCuc62460
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0052",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "aironet access point software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "aironet access point software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "15.2"
},
{
"model": "aironet access point software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "aironet access point software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "aironet access point software",
"scope": "lte",
"trust": 0.8,
"vendor": "cisco",
"version": "15.2"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01417"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"db": "NVD",
"id": "CVE-2012-6026"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_access_point:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6026"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "58245"
}
],
"trust": 0.3
},
"cve": "CVE-2012-6026",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-6026",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-59307",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-6026",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-59307",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59307"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"db": "NVD",
"id": "CVE-2012-6026"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460. Cisco Aironet Access Points are Cisco\u0027s wireless access point and bridge devices. Allows an attacker to reload an affected device, causing a denial of service attack. \nSuccessfully exploiting this issue allows remote attackers to cause denial-of-service conditions. \nThis issue is being tracked by Cisco Bug ID CSCuc62460",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6026"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"db": "CNVD",
"id": "CNVD-2013-01417"
},
{
"db": "BID",
"id": "58245"
},
{
"db": "VULHUB",
"id": "VHN-59307"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-6026",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001735",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201303-007",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-01417",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20130228 CISCO AIRONOET ACCESS POINT DENIAL OF SERVICE VULNERABILITY",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52435",
"trust": 0.6
},
{
"db": "BID",
"id": "58245",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-59307",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01417"
},
{
"db": "VULHUB",
"id": "VHN-59307"
},
{
"db": "BID",
"id": "58245"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"db": "NVD",
"id": "CVE-2012-6026"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
]
},
"id": "VAR-201303-0052",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01417"
},
{
"db": "VULHUB",
"id": "VHN-59307"
}
],
"trust": 1.16931034
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01417"
}
]
},
"last_update_date": "2023-12-18T12:09:26.871000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco Aironoet Access Point Denial of Service Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2012-6026"
},
{
"title": "28436",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=28436"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59307"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"db": "NVD",
"id": "CVE-2012-6026"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2012-6026"
},
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=28436"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-6026"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-6026"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52435"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/cisco/web/solutions/small_business/products/wireless/aironet_series_access_points/index.html"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01417"
},
{
"db": "VULHUB",
"id": "VHN-59307"
},
{
"db": "BID",
"id": "58245"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"db": "NVD",
"id": "CVE-2012-6026"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-01417"
},
{
"db": "VULHUB",
"id": "VHN-59307"
},
{
"db": "BID",
"id": "58245"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"db": "NVD",
"id": "CVE-2012-6026"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01417"
},
{
"date": "2013-03-05T00:00:00",
"db": "VULHUB",
"id": "VHN-59307"
},
{
"date": "2013-03-01T00:00:00",
"db": "BID",
"id": "58245"
},
{
"date": "2013-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"date": "2013-03-05T05:04:04.077000",
"db": "NVD",
"id": "CVE-2012-6026"
},
{
"date": "2013-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01417"
},
{
"date": "2013-03-05T00:00:00",
"db": "VULHUB",
"id": "VHN-59307"
},
{
"date": "2013-03-01T00:00:00",
"db": "BID",
"id": "58245"
},
{
"date": "2013-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001735"
},
{
"date": "2013-03-05T16:18:29.260000",
"db": "NVD",
"id": "CVE-2012-6026"
},
{
"date": "2013-03-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Aironet Access point HTTP Profiler Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001735"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-007"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…