CVE-2013-3441

Cisco Aironet 3600 access points allow remote attackers to cause a denial of service (memory corruption and device crash) by disrupting Cisco Wireless LAN Controller communication and consequently forcing many transitions from FlexConnect mode to Standalone mode, aka Bug ID CSCuh71210.

CVSS v2.0 5.4 MEDIUM

5.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:H/Au:N/C:N/I:N/A:C

Exploitability : 4.9 / Impact : 6.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/95548
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3441	Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=30170	Vendor Advisory
http://www.securityfocus.com/bid/61404
http://www.securitytracker.com/id/1028818

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:cisco:aironet_3600:-:::::::*
	cpe:2.3:h:cisco:aironet_3600e:-:::::::*
	cpe:2.3:h:cisco:aironet_3600i:-:::::::*
	cpe:2.3:h:cisco:aironet_3600p:-:::::::*

History

No history.

Information

Published : 2013-07-23 11:03

Updated : 2024-02-28 12:00

NVD link : CVE-2013-3441

Mitre link : CVE-2013-3441

CVE.ORG link : CVE-2013-3441

JSON object : View

Products Affected

cisco

aironet_3600
aironet_3600i
aironet_3600e
aironet_3600p

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2013-3441", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-23T11:03:11.990", "references": [{"url": "http://osvdb.org/95548", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3441", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30170", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/61404", "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1028818", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Cisco Aironet 3600 access points allow remote attackers to cause a denial of service (memory corruption and device crash) by disrupting Cisco Wireless LAN Controller communication and consequently forcing many transitions from FlexConnect mode to Standalone mode, aka Bug ID CSCuh71210."}, {"lang": "es", "value": "puntos de acceso Cisco Aironet 3600 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo y corrupci\u00f3n de memoria) mediante la interrupci\u00f3n de la comunicaci\u00f3n del Cisco Wireless LAN Controller y consecuentemente forzando numerosas transiciones desde el modo FlexConnect al Standalone. Aka Bug ID CSCuh71210."}], "lastModified": "2017-11-18T02:29:00.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:aironet_3600:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86AFB6B7-F5A5-4F87-A149-53FC82D5D863"}, {"criteria": "cpe:2.3:h:cisco:aironet_3600e:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35E201F1-02D0-4023-9A50-3D8F1A9EC357"}, {"criteria": "cpe:2.3:h:cisco:aironet_3600i:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65CBE08A-4F2B-452D-B3B3-034DE13E86CF"}, {"criteria": "cpe:2.3:h:cisco:aironet_3600p:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CE92197-190B-466A-B7A7-268051DA4395"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}