Lucene search

K
cve[email protected]CVE-2018-11036
HistoryMay 31, 2018 - 12:29 p.m.

CVE-2018-11036

2018-05-3112:29:00
CWE-200
web.nvd.nist.gov
29
ruckus
smartzone
virtual smartcell gateway
vscg
cve-2018-11036
security vulnerability
remote attack

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.8

Confidence

High

EPSS

0.003

Percentile

69.4%

Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data.

Affected configurations

NVD
Node
ruckuswirelessvsz_firmwareMatch3.5.0
OR
ruckuswirelessvsz_firmwareMatch3.5.1
OR
ruckuswirelessvsz_firmwareMatch3.6.0
OR
ruckuswirelessvsz_firmwareMatch3.6.1
AND
ruckuswirelessvszMatch-
Node
ruckuswirelessscg-200_firmwareMatch3.5.0
OR
ruckuswirelessscg-200_firmwareMatch3.5.1
OR
ruckuswirelessscg-200_firmwareMatch3.6.0
OR
ruckuswirelessscg-200_firmwareMatch3.6.1
AND
ruckuswirelessscg-200Match-
Node
ruckuswirelesssz-300_firmwareMatch3.5.0
OR
ruckuswirelesssz-300_firmwareMatch3.5.1
OR
ruckuswirelesssz-300_firmwareMatch3.6.0
OR
ruckuswirelesssz-300_firmwareMatch3.6.1
AND
ruckuswirelesssz-300Match-
Node
ruckuswirelesssz-100_firmwareMatch3.5.0
OR
ruckuswirelesssz-100_firmwareMatch3.5.1
OR
ruckuswirelesssz-100_firmwareMatch3.6.0
OR
ruckuswirelesssz-100_firmwareMatch3.6.1
AND
ruckuswirelesssz-100Match-

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.8

Confidence

High

EPSS

0.003

Percentile

69.4%

Related for CVE-2018-11036