Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2010-AVI-422
Vulnerability from certfr_avis
De multiples vulnérabilités affectent la famille des produits Cisco Wireless LAN Controller, nommés ci-après WLC.
Description
Plusieurs types de vulnérabilités ont été découvertes :
- Un paquet Internet Key Exchange forgé par un attaquant à destination d'un WLC Cisco peut provoquer un déni de service. Ce protocole est activé par défaut sur ces produits et ne peut pas être désactivé. Les versions 3.2 et supérieures du logiciel sont affectées (cf. CVE-2010-0574).
- Un attaquant authentifié peut créer une série de paquets HTTP pour obliger l'appareil à redémarrer. La répétition de cette attaque provoque un déni de service (cf. CVE-2010-2841). Les versions 4.2 et supérieures des logiciels sont affectées.
- Il est possible à un attaquant authentifié sur l'appareil de contourner ses droits en lecture seule afin de modifier la configuration (cf. CVE-2010-2842, CVE-2010-2843 et CVE-2010-3033).
- Un attaquant non authentifié peut contourner certaines listes de contrôle d'accès à travers deux vulnérabilités (cf. CVE-2010-0575 et CVE-2010-3034). Une des deux vulnérabilités affecte les versions 4.1 et suivantes, l'autre les versions 6.0.x.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Les produits suivants sont affectés par ces vulnérabilités :
- Cisco Wireless LAN Controller série 2000 ;
- Cisco Wireless LAN Controller série 2100 ;
- Cisco Wireless LAN Controller série 4100 ;
- Cisco Wireless LAN Controller série 4400 ;
- Cisco Wireless LAN Controller série 5500 ;
- Cisco Wireless Services Modules ;
- Cisco Wireless LAN Controller Modules pour Integrated Services Routers ;
- Cisco Catalyst 3750G Integrated Wireless LAN Controller.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eLes produits suivants sont affect\u00e9s par ces vuln\u00e9rabilit\u00e9s : \u003cUL\u003e \u003cLI\u003e\u003cSPAN class=\"textit\"\u003eCisco Wireless LAN Controller\u003c/SPAN\u003e s\u00e9rie 2000 ;\u003c/LI\u003e \u003cLI\u003e\u003cSPAN class=\"textit\"\u003eCisco Wireless LAN Controller\u003c/SPAN\u003e s\u00e9rie 2100 ;\u003c/LI\u003e \u003cLI\u003e\u003cSPAN class=\"textit\"\u003eCisco Wireless LAN Controller\u003c/SPAN\u003e s\u00e9rie 4100 ;\u003c/LI\u003e \u003cLI\u003e\u003cSPAN class=\"textit\"\u003eCisco Wireless LAN Controller\u003c/SPAN\u003e s\u00e9rie 4400 ;\u003c/LI\u003e \u003cLI\u003e\u003cSPAN class=\"textit\"\u003eCisco Wireless LAN Controller\u003c/SPAN\u003e s\u00e9rie 5500 ;\u003c/LI\u003e \u003cLI\u003e\u003cSPAN class=\"textit\"\u003eCisco Wireless Services Modules\u003c/SPAN\u003e ;\u003c/LI\u003e \u003cLI\u003e\u003cSPAN class=\"textit\"\u003eCisco Wireless LAN Controller Modules\u003c/SPAN\u003e pour \u003cSPAN class=\"textit\"\u003eIntegrated Services Routers\u003c/SPAN\u003e ;\u003c/LI\u003e \u003cLI\u003e\u003cSPAN class=\"textit\"\u003eCisco Catalyst 3750G Integrated Wireless LAN Controller\u003c/SPAN\u003e.\u003c/LI\u003e \u003c/UL\u003e\u003c/p\u003e",
"content": "## Description\n\nPlusieurs types de vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes :\n\n- Un paquet Internet Key Exchange forg\u00e9 par un attaquant \u00e0 destination\n d\u0027un WLC Cisco peut provoquer un d\u00e9ni de service. Ce protocole est\n activ\u00e9 par d\u00e9faut sur ces produits et ne peut pas \u00eatre d\u00e9sactiv\u00e9.\n Les versions 3.2 et sup\u00e9rieures du logiciel sont affect\u00e9es (cf.\n CVE-2010-0574).\n- Un attaquant authentifi\u00e9 peut cr\u00e9er une s\u00e9rie de paquets HTTP pour\n obliger l\u0027appareil \u00e0 red\u00e9marrer. La r\u00e9p\u00e9tition de cette attaque\n provoque un d\u00e9ni de service (cf. CVE-2010-2841). Les versions 4.2 et\n sup\u00e9rieures des logiciels sont affect\u00e9es.\n- Il est possible \u00e0 un attaquant authentifi\u00e9 sur l\u0027appareil de\n contourner ses droits en lecture seule afin de modifier la\n configuration (cf. CVE-2010-2842, CVE-2010-2843 et CVE-2010-3033).\n- Un attaquant non authentifi\u00e9 peut contourner certaines listes de\n contr\u00f4le d\u0027acc\u00e8s \u00e0 travers deux vuln\u00e9rabilit\u00e9s (cf. CVE-2010-0575 et\n CVE-2010-3034). Une des deux vuln\u00e9rabilit\u00e9s affecte les versions 4.1\n et suivantes, l\u0027autre les versions 6.0.x.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-0575",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0575"
},
{
"name": "CVE-2010-2843",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2843"
},
{
"name": "CVE-2010-2842",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2842"
},
{
"name": "CVE-2010-0574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0574"
},
{
"name": "CVE-2010-2841",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2841"
},
{
"name": "CVE-2010-3124",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3124"
},
{
"name": "CVE-2010-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3034"
},
{
"name": "CVE-2010-3033",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3033"
}
],
"initial_release_date": "2010-09-09T00:00:00",
"last_revision_date": "2010-09-09T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20100908-wlc du 08 septembre 2010:",
"url": "http://cisco.com/warp/public/707/cisco-sa-20100908-wlc.shtml"
}
],
"reference": "CERTA-2010-AVI-422",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-09-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s affectent la famille des produits \u003cspan\nclass=\"textit\"\u003eCisco Wireless LAN Controller\u003c/span\u003e, nomm\u00e9s ci-apr\u00e8s\n\u003cspan class=\"textit\"\u003eWLC\u003c/span\u003e.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco Wireless LAN",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-20100908-wlc du 08 septembre 2010",
"url": null
}
]
}
CVE-2010-0574 (GCVE-0-2010-0574)
Vulnerability from cvelistv5
Published
2010-09-10 17:00
Modified
2024-09-17 03:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21287"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-10T17:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21287"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0574",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21287",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21287"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0574",
"datePublished": "2010-09-10T17:00:00Z",
"dateReserved": "2010-02-10T00:00:00Z",
"dateUpdated": "2024-09-17T03:38:15.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2841 (GCVE-0-2010-2841)
Vulnerability from cvelistv5
Published
2010-09-10 17:00
Modified
2024-09-16 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21288"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-10T17:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21288"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21288",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21288"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2841",
"datePublished": "2010-09-10T17:00:00Z",
"dateReserved": "2010-07-23T00:00:00Z",
"dateUpdated": "2024-09-16T17:43:51.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2842 (GCVE-0-2010-2842)
Vulnerability from cvelistv5
Published
2010-09-10 17:00
Modified
2024-09-17 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-10T17:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2842",
"datePublished": "2010-09-10T17:00:00Z",
"dateReserved": "2010-07-23T00:00:00Z",
"dateUpdated": "2024-09-17T00:01:21.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3124 (GCVE-0-2010-3124)
Vulnerability from cvelistv5
Published
2010-08-26 18:00
Modified
2024-08-07 02:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.videolan.org/?p=vlc/vlc-1.1.git%3Ba=blobdiff%3Bf=bin/winvlc.c%3Bh=ac9b97ca9f5f9ba001f13bf61eb5127a1c1dbcbf%3Bhp=2d09cba320e3b0def7069ce1ebab25d1340161c5%3Bhb=43a31df56c37bd62c691cdbe3c1f11babd164b56%3Bhpb=2d366da738b19f8d761d7084746c6db6f52808c6"
},
{
"name": "ADV-2010-2172",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2172"
},
{
"name": "[oss-security] 20100825 CVE request: VLC media player - DLL preloading vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/9"
},
{
"name": "14750",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/14750"
},
{
"name": "41107",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41107"
},
{
"name": "[oss-security] 20100825 Re: CVE request: VLC media player - DLL preloading vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/10"
},
{
"name": "oval:org.mitre.oval:def:12190",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12190"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.videolan.org/?p=vlc/vlc-1.1.git%3Ba=blobdiff%3Bf=bin/winvlc.c%3Bh=ac9b97ca9f5f9ba001f13bf61eb5127a1c1dbcbf%3Bhp=2d09cba320e3b0def7069ce1ebab25d1340161c5%3Bhb=43a31df56c37bd62c691cdbe3c1f11babd164b56%3Bhpb=2d366da738b19f8d761d7084746c6db6f52808c6"
},
{
"name": "ADV-2010-2172",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2172"
},
{
"name": "[oss-security] 20100825 CVE request: VLC media player - DLL preloading vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/9"
},
{
"name": "14750",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/14750"
},
{
"name": "41107",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41107"
},
{
"name": "[oss-security] 20100825 Re: CVE request: VLC media player - DLL preloading vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/10"
},
{
"name": "oval:org.mitre.oval:def:12190",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12190"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=vlc/vlc-1.1.git;a=blobdiff;f=bin/winvlc.c;h=ac9b97ca9f5f9ba001f13bf61eb5127a1c1dbcbf;hp=2d09cba320e3b0def7069ce1ebab25d1340161c5;hb=43a31df56c37bd62c691cdbe3c1f11babd164b56;hpb=2d366da738b19f8d761d7084746c6db6f52808c6",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=vlc/vlc-1.1.git;a=blobdiff;f=bin/winvlc.c;h=ac9b97ca9f5f9ba001f13bf61eb5127a1c1dbcbf;hp=2d09cba320e3b0def7069ce1ebab25d1340161c5;hb=43a31df56c37bd62c691cdbe3c1f11babd164b56;hpb=2d366da738b19f8d761d7084746c6db6f52808c6"
},
{
"name": "ADV-2010-2172",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2172"
},
{
"name": "[oss-security] 20100825 CVE request: VLC media player - DLL preloading vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/9"
},
{
"name": "14750",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14750"
},
{
"name": "41107",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41107"
},
{
"name": "[oss-security] 20100825 Re: CVE request: VLC media player - DLL preloading vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/10"
},
{
"name": "oval:org.mitre.oval:def:12190",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12190"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3124",
"datePublished": "2010-08-26T18:00:00",
"dateReserved": "2010-08-25T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2843 (GCVE-0-2010-2843)
Vulnerability from cvelistv5
Published
2010-09-10 17:00
Modified
2024-09-17 01:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-10T17:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2843",
"datePublished": "2010-09-10T17:00:00Z",
"dateReserved": "2010-07-23T00:00:00Z",
"dateUpdated": "2024-09-17T01:01:11.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3034 (GCVE-0-2010-3034)
Vulnerability from cvelistv5
Published
2010-09-10 17:00
Modified
2024-09-16 19:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21291"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-10T17:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21291"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21291",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21291"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-3034",
"datePublished": "2010-09-10T17:00:00Z",
"dateReserved": "2010-08-17T00:00:00Z",
"dateUpdated": "2024-09-16T19:35:24.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3033 (GCVE-0-2010-3033)
Vulnerability from cvelistv5
Published
2010-09-10 17:00
Modified
2024-09-16 16:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-10T17:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21290"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-3033",
"datePublished": "2010-09-10T17:00:00Z",
"dateReserved": "2010-08-17T00:00:00Z",
"dateUpdated": "2024-09-16T16:53:54.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0575 (GCVE-0-2010-0575)
Vulnerability from cvelistv5
Published
2010-09-10 17:00
Modified
2024-09-16 18:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-3034.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21291"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-3034."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-10T17:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21291"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-3034."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21291",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21291"
},
{
"name": "20100908 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b466e9.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0575",
"datePublished": "2010-09-10T17:00:00Z",
"dateReserved": "2010-02-10T00:00:00Z",
"dateUpdated": "2024-09-16T18:09:19.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…