nvd-json-data-feeds/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json

{
  "id": "CVE-2023-35802",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-07-15T02:15:08.803",
  "lastModified": "2023-07-26T21:39:28.837",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:extremenetworks:iq_engine:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "10.6r1",
              "matchCriteriaId": "0492F4F6-AF0B-478C-8D7C-68DCE2AB1989"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap122:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60779E2E-9C16-430C-AAD5-51410B5894E5"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0BA56D5-E3C8-402F-8852-F7F9864C3A7F"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap150w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95B91235-8FB7-4BB2-99BC-D53074ECEEE3"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2831D50B-3BCE-4166-BDD6-E38317B92E2C"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap30:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CCA45A-C187-46AE-825C-0DF85824CD3E"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D3DFF3-8C35-4860-B904-DDEEA6C68827"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap3000x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4303FD05-94B4-4D42-BBB9-1E5725DC89C6"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap302w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B393FA2-8528-4977-B2F3-D42FF4A78E5B"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap305c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9384ECB-2EAF-4049-A644-481E9BE00FA9"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap305c-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2C4A69-7A54-45E9-9940-99272E41FC21"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap305cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "001C25E7-F884-4AFD-80DB-40FB6742292B"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCDCBF18-E614-4F63-8C0A-BF28E47B4D6C"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap4000-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA85B9D-5D40-44CA-B345-A9B33E2854D6"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap410c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5F69587-452F-474A-9389-F9AFE439285C"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap410c-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CA142E-9947-4854-9F56-1D24F45F7A2D"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap460c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E0E816A-C583-4985-94D2-E97B8B87A818"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap460s12c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36189326-1798-4312-B61B-BB9DEFB94028"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap460s6c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4207CD0-E7DF-4DAB-BEE6-93387D5C29BB"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap5010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E2A0429-3DCB-4E33-9145-D80005B85150"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap5050d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF2B1AB3-EB5D-46B3-B5E0-6A7A8151403E"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap5050u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E8E2F84-964A-49CB-B00C-080669298FB6"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap510c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8123B7E3-28A2-4786-95B5-804B8FBF0E53"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap510cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D76938F-9812-4E8D-9C37-1A05FAE27CD7"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AFB5E8-BBBB-401C-AEEC-CF36DBB1D07E"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1053DDC0-0385-4A86-80E1-D4424274F550"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap650x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E838B1A4-542F-421E-967C-7437C449E465"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:extremenetworks:iq_engine:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "10.6r5",
              "matchCriteriaId": "B79A1496-89B4-4871-90B1-D8CB936EFB7C"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap1130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06EE00F8-1B3C-4686-BC66-1015E4C62CAD"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:extremenetworks:ap550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF23B23-0DC0-4C65-BFB1-B09F03902369"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://extremeportal.force.com/ExtrArticleDetail?an=000112741",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
Auto-Update: 2023-07-15T04:00:37.956016+00:00 2023-07-15 04:00:41 +00:00			`{`
			`"id": "CVE-2023-35802",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2023-07-15T02:15:08.803",`
Auto-Update: 2023-07-26T22:00:27.133648+00:00 2023-07-26 22:00:30 +00:00			`"lastModified": "2023-07-26T21:39:28.837",`
			`"vulnStatus": "Analyzed",`
Auto-Update: 2024-07-14T02:00:17.787041+00:00 2024-07-14 02:06:08 +00:00			`"cveTags": [],`
Auto-Update: 2023-07-15T04:00:37.956016+00:00 2023-07-15 04:00:41 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit."`
			`}`
			`],`
Auto-Update: 2023-07-26T22:00:27.133648+00:00 2023-07-26 22:00:30 +00:00			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 9.8,`
			`"baseSeverity": "CRITICAL"`
			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-120"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:extremenetworks:iq_engine::::::::",`
			`"versionEndExcluding": "10.6r1",`
			`"matchCriteriaId": "0492F4F6-AF0B-478C-8D7C-68DCE2AB1989"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap122:-:::::::*",`
			`"matchCriteriaId": "60779E2E-9C16-430C-AAD5-51410B5894E5"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap130:-:::::::*",`
			`"matchCriteriaId": "A0BA56D5-E3C8-402F-8852-F7F9864C3A7F"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap150w:-:::::::*",`
			`"matchCriteriaId": "95B91235-8FB7-4BB2-99BC-D53074ECEEE3"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap250:-:::::::*",`
			`"matchCriteriaId": "2831D50B-3BCE-4166-BDD6-E38317B92E2C"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap30:-:::::::*",`
			`"matchCriteriaId": "27CCA45A-C187-46AE-825C-0DF85824CD3E"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap3000:-:::::::*",`
			`"matchCriteriaId": "96D3DFF3-8C35-4860-B904-DDEEA6C68827"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap3000x:-:::::::*",`
			`"matchCriteriaId": "4303FD05-94B4-4D42-BBB9-1E5725DC89C6"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap302w:-:::::::*",`
			`"matchCriteriaId": "3B393FA2-8528-4977-B2F3-D42FF4A78E5B"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap305c:-:::::::*",`
			`"matchCriteriaId": "F9384ECB-2EAF-4049-A644-481E9BE00FA9"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap305c-1:-:::::::*",`
			`"matchCriteriaId": "BE2C4A69-7A54-45E9-9940-99272E41FC21"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap305cx:-:::::::*",`
			`"matchCriteriaId": "001C25E7-F884-4AFD-80DB-40FB6742292B"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap4000:-:::::::*",`
			`"matchCriteriaId": "CCDCBF18-E614-4F63-8C0A-BF28E47B4D6C"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap4000-1:-:::::::*",`
			`"matchCriteriaId": "CBA85B9D-5D40-44CA-B345-A9B33E2854D6"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap410c:-:::::::*",`
			`"matchCriteriaId": "E5F69587-452F-474A-9389-F9AFE439285C"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap410c-1:-:::::::*",`
			`"matchCriteriaId": "56CA142E-9947-4854-9F56-1D24F45F7A2D"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap460c:-:::::::*",`
			`"matchCriteriaId": "0E0E816A-C583-4985-94D2-E97B8B87A818"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap460s12c:-:::::::*",`
			`"matchCriteriaId": "36189326-1798-4312-B61B-BB9DEFB94028"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap460s6c:-:::::::*",`
			`"matchCriteriaId": "F4207CD0-E7DF-4DAB-BEE6-93387D5C29BB"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap5010:-:::::::*",`
			`"matchCriteriaId": "9E2A0429-3DCB-4E33-9145-D80005B85150"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap5050d:-:::::::*",`
			`"matchCriteriaId": "EF2B1AB3-EB5D-46B3-B5E0-6A7A8151403E"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap5050u:-:::::::*",`
			`"matchCriteriaId": "5E8E2F84-964A-49CB-B00C-080669298FB6"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap510c:-:::::::*",`
			`"matchCriteriaId": "8123B7E3-28A2-4786-95B5-804B8FBF0E53"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap510cx:-:::::::*",`
			`"matchCriteriaId": "9D76938F-9812-4E8D-9C37-1A05FAE27CD7"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap630:-:::::::*",`
			`"matchCriteriaId": "98AFB5E8-BBBB-401C-AEEC-CF36DBB1D07E"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap650:-:::::::*",`
			`"matchCriteriaId": "1053DDC0-0385-4A86-80E1-D4424274F550"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap650x:-:::::::*",`
			`"matchCriteriaId": "E838B1A4-542F-421E-967C-7437C449E465"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:extremenetworks:iq_engine::::::::",`
			`"versionEndExcluding": "10.6r5",`
			`"matchCriteriaId": "B79A1496-89B4-4871-90B1-D8CB936EFB7C"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap1130:-:::::::*",`
			`"matchCriteriaId": "06EE00F8-1B3C-4686-BC66-1015E4C62CAD"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:extremenetworks:ap550:-:::::::*",`
			`"matchCriteriaId": "4BF23B23-0DC0-4C65-BFB1-B09F03902369"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
Auto-Update: 2023-07-15T04:00:37.956016+00:00 2023-07-15 04:00:41 +00:00			`"references": [`
			`{`
			`"url": "https://extremeportal.force.com/ExtrArticleDetail?an=000112741",`
Auto-Update: 2023-07-26T22:00:27.133648+00:00 2023-07-26 22:00:30 +00:00			`"source": "cve@mitre.org",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
Auto-Update: 2023-07-15T04:00:37.956016+00:00 2023-07-15 04:00:41 +00:00			`}`
			`]`
			`}`