Lucene search

MitreCVE-2018-5793

HistoryFeb 05, 2018 - 4:29 a.m.

CVE-2018-5793

2018-02-0504:29:00

CWE-787

mitre

web.nvd.nist.gov

extreme networks

extremewireless

wing

cve-2018-5793

remote

unauthenticated heap overflow

hsd process

mint protocol

access point

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

43.0%

JSON

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.

Affected configurations

Nvd

Node

extremewirelesswingRange5.0–5.8.6.9

extremewirelesswingRange5.9.0–5.9.1.3

VendorProductVersionCPE
extremewirelesswing*cpe:2.3:o:extremewireless:wing:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
extremewireless	wing	*	cpe:2.3:o:extremewireless:wing::::::::

References

gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

43.0%

JSON

Related for CVE-2018-5793