Lucene search

[email protected]NVD:CVE-2021-36630

HistoryJan 18, 2023 - 1:15 p.m.

CVE-2021-36630

2023-01-1813:15:12

CWE-770

[email protected]

web.nvd.nist.gov

cve-2021-36630

ddos

reflection amplification

eaut module

ruckus wireless

smartzone controller

remote attackers

dos attacks

crafted request

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.011 Low

EPSS

Percentile

84.8%

JSON

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request.

Affected configurations

NVD

Node

ruckuswirelesssz-300Match-

AND

ruckuswirelesssz-300_firmwareRange≤3.6.2

Node

ruckuswirelesssz-144Match-

AND

ruckuswirelesssz-144_firmwareRange≤3.6.2

Node

ruckuswirelesssz-100Match-

AND

ruckuswirelesssz-100_firmwareRange≤3.6.2

Node

ruckuswirelessvszMatch-

AND

ruckuswirelessvsz_firmwareRange≤3.6.2

References

ruckus.com

smartzone-100.com

anquan.baidu.com/article/1434

github.com/lixiang957/CVE-2021-36630

www.commscope.com/globalassets/digizuite/921070-faq-security-advisory-id-20210719-v1-0.pdf

www.freebuf.com/articles/web/260338.html

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.011 Low

EPSS

Percentile

84.8%

JSON

Related for NVD:CVE-2021-36630

cvelist1 cve1 prion1