{ "id": "CVE-2018-11036", "sourceIdentifier": "cve@mitre.org", "published": "2018-05-31T12:29:00.220", "lastModified": "2018-08-01T18:39:38.587", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data." }, { "lang": "es", "value": "Ruckus SmartZone (anteriormente Virtual SmartCell Gateway o vSCG) 3.5.0, 3.5.1, 3.6.0 y 3.6.1 (Essentials y High Scale) en dispositivos vSZ, SZ-100, SZ-300 y SCG-200 permite a los atacantes remotos obtener informaci\u00f3n sensible o modificar datos." } ], "metrics": { "cvssMetricV30": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.9, "impactScore": 5.2 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 6.4 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 4.9, "acInsufInfo": true, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-200" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9998987C-0AD2-4CDB-9511-2BC9462490AE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "EF9AF4FE-6115-4F24-B171-62A5DB74A6BC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "71FD8B5B-EA1B-4ABA-B0A1-CF675F8765F5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "38393B8A-E549-4C07-A73E-BEB6DEB08E6A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:scg-200_firmware:3.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF021C98-2D73-48E3-AB05-F69C9D3AD569" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:scg-200_firmware:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "F95F4D57-D238-47E6-AAF7-8A19B18FC29C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:scg-200_firmware:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F7F0BA42-FF78-4F7D-AF63-C731B0C32DD2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:scg-200_firmware:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB65F202-22C7-4E57-8EF3-8BA1DE6A3BA3" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:ruckuswireless:scg-200:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1BD8748-6B99-4218-8D76-3A6A5847DB25" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "45CEB61E-3E81-4F2D-B23E-8332E95C6C23" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FF91774B-2DE9-4478-AD17-D7C4477CE458" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "AA61F6F5-591D-45D2-90B2-4096A60BB978" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "9945DADB-81D0-407B-A8C1-FFA9B5A6B228" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*", "matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "ECB56AD5-AE22-4497-852B-EDB12E7B68BC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "6AF9CED5-087A-475B-8A8D-C05F45ADEF57" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C5A6C11-3349-448B-99E7-1A5AF17E4872" }, { "vulnerable": true, "criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A116EBD-77CD-4F93-A1BB-56DDF64F2EA4" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16" } ] } ] } ], "references": [ { "url": "https://www.ruckuswireless.com/security/279/view/txt", "source": "cve@mitre.org", "tags": [ "Mailing List", "Vendor Advisory" ] } ] }