{ "id": "CVE-2023-35802", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T02:15:08.803", "lastModified": "2024-11-21T08:08:44.367", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-120" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:extremenetworks:iq_engine:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.6r1", "matchCriteriaId": "0492F4F6-AF0B-478C-8D7C-68DCE2AB1989" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap122:-:*:*:*:*:*:*:*", "matchCriteriaId": "60779E2E-9C16-430C-AAD5-51410B5894E5" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap130:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0BA56D5-E3C8-402F-8852-F7F9864C3A7F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap150w:-:*:*:*:*:*:*:*", "matchCriteriaId": "95B91235-8FB7-4BB2-99BC-D53074ECEEE3" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap250:-:*:*:*:*:*:*:*", "matchCriteriaId": "2831D50B-3BCE-4166-BDD6-E38317B92E2C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap30:-:*:*:*:*:*:*:*", "matchCriteriaId": "27CCA45A-C187-46AE-825C-0DF85824CD3E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "96D3DFF3-8C35-4860-B904-DDEEA6C68827" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap3000x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4303FD05-94B4-4D42-BBB9-1E5725DC89C6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap302w:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B393FA2-8528-4977-B2F3-D42FF4A78E5B" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap305c:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9384ECB-2EAF-4049-A644-481E9BE00FA9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap305c-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE2C4A69-7A54-45E9-9940-99272E41FC21" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap305cx:-:*:*:*:*:*:*:*", "matchCriteriaId": "001C25E7-F884-4AFD-80DB-40FB6742292B" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "CCDCBF18-E614-4F63-8C0A-BF28E47B4D6C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap4000-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBA85B9D-5D40-44CA-B345-A9B33E2854D6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap410c:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5F69587-452F-474A-9389-F9AFE439285C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap410c-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "56CA142E-9947-4854-9F56-1D24F45F7A2D" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap460c:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E0E816A-C583-4985-94D2-E97B8B87A818" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap460s12c:-:*:*:*:*:*:*:*", "matchCriteriaId": "36189326-1798-4312-B61B-BB9DEFB94028" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap460s6c:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4207CD0-E7DF-4DAB-BEE6-93387D5C29BB" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap5010:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E2A0429-3DCB-4E33-9145-D80005B85150" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap5050d:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF2B1AB3-EB5D-46B3-B5E0-6A7A8151403E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap5050u:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E8E2F84-964A-49CB-B00C-080669298FB6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap510c:-:*:*:*:*:*:*:*", "matchCriteriaId": "8123B7E3-28A2-4786-95B5-804B8FBF0E53" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap510cx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D76938F-9812-4E8D-9C37-1A05FAE27CD7" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap630:-:*:*:*:*:*:*:*", "matchCriteriaId": "98AFB5E8-BBBB-401C-AEEC-CF36DBB1D07E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap650:-:*:*:*:*:*:*:*", "matchCriteriaId": "1053DDC0-0385-4A86-80E1-D4424274F550" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap650x:-:*:*:*:*:*:*:*", "matchCriteriaId": "E838B1A4-542F-421E-967C-7437C449E465" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:extremenetworks:iq_engine:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.6r5", "matchCriteriaId": "B79A1496-89B4-4871-90B1-D8CB936EFB7C" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap1130:-:*:*:*:*:*:*:*", "matchCriteriaId": "06EE00F8-1B3C-4686-BC66-1015E4C62CAD" }, { "vulnerable": false, "criteria": "cpe:2.3:h:extremenetworks:ap550:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BF23B23-0DC0-4C65-BFB1-B09F03902369" } ] } ] } ], "references": [ { "url": "https://extremeportal.force.com/ExtrArticleDetail?an=000112741", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://extremeportal.force.com/ExtrArticleDetail?an=000112741", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] } ] }