Lucene search

[email protected]CVE-2010-2978

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-2978

2022-10-0316:21:07

CWE-310

[email protected]

web.nvd.nist.gov

cisco

uwn

solution

certificate

vulnerability

access restrictions

cve-2010-2978

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.1%

JSON

Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660.

Affected configurations

NVD

Node

ciscounified_wireless_network_solution_softwareMatch7.0

ciscounified_wireless_network_solution_softwareMatch7.0.98.0

CPENameOperatorVersion
cisco:unified_wireless_network_solution_softwarecisco unified wireless network solution softwareeq7.0
cisco:unified_wireless_network_solution_softwarecisco unified wireless network solution softwareeq7.0.98.0

CPE	Name	Operator	Version
cisco:unified_wireless_network_solution_software	cisco unified wireless network solution software	eq	7.0
cisco:unified_wireless_network_solution_software	cisco unified wireless network solution software	eq	7.0.98.0

References

www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.1%

JSON

Related for CVE-2010-2978

cvelist1 prion1 nvd1