CVE-2010-1804 : Unspecified vulnerability in the network bridge functionality on the Apple Time Capsule, AirPort Extreme Base Station, a

Unspecified vulnerability in the network bridge functionality on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 allows remote attackers to cause a denial of service (networking outage) via a crafted DHCP reply.

Published 2010-12-22 03:00:01

Updated 2011-01-19 06:57:25

Source Apple Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2010-1804

Probability of exploitation activity in the next 30 days: 0.63%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 76 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-1804

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.1	HIGH	AV:N/AC:M/Au:N/C:N/I:N/A:C	8.6	6.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

References for CVE-2010-1804

http://support.apple.com/kb/HT4298

About the security content of Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2 - Apple Support
Patch;Vendor Advisory

CVEs referencing this url
http://www.securitytracker.com/id?1024907

Apple Time Capsule and AirPort Base Station Bugs Let Remote Users Deny Service or Access Ostensibly Protected Hosts - SecurityTracker

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html

Apple - Lists.apple.com
Patch;Vendor Advisory

CVEs referencing this url

Products affected by CVE-2010-1804

Apple » Airport Express
cpe:2.3:h:apple:airport_express:*:*:*:*:*:*:*:*
Matching versions
Apple » Airport Extreme
cpe:2.3:h:apple:airport_extreme:*:*:*:*:*:*:*:*
Matching versions
Apple » Time Capsule
cpe:2.3:h:apple:time_capsule:*:*:*:*:*:*:*:*
Matching versions
Apple » Airport Extreme Base Station Firmware » Version: 5.5
cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.5:*:*:*:*:*:*:*
Matching versions
Apple » Airport Extreme Base Station Firmware » Version: 5.7
cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.7:*:*:*:*:*:*:*
Matching versions
Apple » Airport Express Base Station Firmware
Versions up to, including, (<=) 7.4.2
cpe:2.3:h:apple:airport_express_base_station_firmware:*:*:*:*:*:*:*:*
Matching versions
Apple » Airport Express Base Station Firmware » Version: 7.4.1
cpe:2.3:h:apple:airport_express_base_station_firmware:7.4.1:*:*:*:*:*:*:*
Matching versions
Apple » Airport Express Base Station Firmware » Version: 7.3.2
cpe:2.3:h:apple:airport_express_base_station_firmware:7.3.2:*:*:*:*:*:*:*
Matching versions
Apple » Airport Express Base Station Firmware » Version: 4.0.9
cpe:2.3:h:apple:airport_express_base_station_firmware:4.0.9:*:*:*:*:*:*:*
Matching versions
Apple » Airport Express Base Station Firmware » Version: 3.84
cpe:2.3:h:apple:airport_express_base_station_firmware:3.84:*:*:*:*:*:*:*
Matching versions
Apple » Airport Express Base Station Firmware » Version: 6.1
cpe:2.3:h:apple:airport_express_base_station_firmware:6.1:*:*:*:*:*:*:*
Matching versions
Apple » Airport Express Base Station Firmware » Version: 6.3
cpe:2.3:h:apple:airport_express_base_station_firmware:6.3:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2010-1804

Exploit prediction scoring system (EPSS) score for CVE-2010-1804

CVSS scores for CVE-2010-1804

References for CVE-2010-1804

Products affected by CVE-2010-1804