CVE-2018-11036

Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data.
References
Link Resource
https://www.ruckuswireless.com/security/279/view/txt Mailing List Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.0:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.1:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.0:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.1:*:*:*:*:*:*:*
cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:ruckuswireless:scg-200_firmware:3.5.0:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:scg-200_firmware:3.5.1:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:scg-200_firmware:3.6.0:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:scg-200_firmware:3.6.1:*:*:*:*:*:*:*
cpe:2.3:h:ruckuswireless:scg-200:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.0:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.1:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.0:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.1:*:*:*:*:*:*:*
cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.0:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.1:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.0:*:*:*:*:*:*:*
cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.1:*:*:*:*:*:*:*
cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-05-31 12:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-11036

Mitre link : CVE-2018-11036

CVE.ORG link : CVE-2018-11036


JSON object : View

Products Affected

ruckuswireless

  • vsz_firmware
  • sz-300_firmware
  • vsz
  • scg-200
  • scg-200_firmware
  • sz-100
  • sz-300
  • sz-100_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor