Vulnerability Details : CVE-2010-2984
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305.
Exploit prediction scoring system (EPSS) score for CVE-2010-2984
Probability of exploitation activity in the next 30 days: 0.24%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 61 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-2984
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2010-2984
-
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 7.0.98.0 - Cisco
Products affected by CVE-2010-2984
- cpe:2.3:o:cisco:unified_wireless_network_solution_software:7.0:*:*:*:*:*:*:*When used together with: Cisco » 4404 Wireless Lan Controller
- cpe:2.3:o:cisco:unified_wireless_network_solution_software:7.0.98.0:*:*:*:*:*:*:*When used together with: Cisco » 4404 Wireless Lan Controller