Lucene search

[email protected]CVE-2009-2976

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-2976

2022-10-0316:24:06

CWE-310

[email protected]

web.nvd.nist.gov

cisco

aironet

lightweight

access point

vulnerability

cleartext

multicast

data frames

remote attackers

wireless lan controller

mac addresses

ip addresses

sniffing

wireless network

nvd

6.9 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

49.6%

JSON

Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network.

Affected configurations

NVD

Node

ciscoaironet_ap1100

ciscoaironet_ap1200

CPENameOperatorVersion
cisco:aironet_ap1100cisco aironet ap1100eq*
cisco:aironet_ap1200cisco aironet ap1200eq*

CPE	Name	Operator	Version
cisco:aironet_ap1100	cisco aironet ap1100	eq	*
cisco:aironet_ap1200	cisco aironet ap1200	eq	*

References

securitytracker.com/id?1022774

www.airmagnet.com/assets/AM_Technote_SkyJack_082509.pdf

www.airmagnet.com/news/press_releases/2009/08252009.php

6.9 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

49.6%

JSON

Related for CVE-2009-2976

prion1 cvelist1 nvd1