mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
261 lines
8.8 KiB
JSON
261 lines
8.8 KiB
JSON
{
|
|
"id": "CVE-2019-19834",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2020-01-22T19:15:12.327",
|
|
"lastModified": "2020-01-23T23:11:05.307",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Un Salto de Directorio en ruckus_cli2 en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.64, permite a un atacante remoto liberar la CLI por medio de enable-)debug-)script-)exec con ../../../bin/sh como el par\u00e1metro."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "HIGH",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.2,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.2,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 6.5
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-22"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:ruckuswireless:unleashed:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "200.7.10.202.94",
|
|
"matchCriteriaId": "020E9499-80F3-47F6-8730-6333A6200987"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:t310:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E537F957-DCBF-4C9A-BEB6-A321C091ADF5"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "9.10.2.0.84",
|
|
"matchCriteriaId": "F94CA5E2-FA24-4D2B-9650-50B5A39BEFC7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "9.12.0",
|
|
"versionEndExcluding": "9.12.3.0.136",
|
|
"matchCriteriaId": "11606EFF-3D0D-4704-9DDA-87064233866C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "9.13.0",
|
|
"versionEndExcluding": "10.0.1.0.90",
|
|
"matchCriteriaId": "16E02881-C6A6-4E06-81C9-9BD711D28988"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "10.1.0",
|
|
"versionEndExcluding": "10.1.2.0.275",
|
|
"matchCriteriaId": "59D2E8D2-716C-4B62-ADDC-BD1EB19BDCD5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "10.2.0",
|
|
"versionEndExcluding": "10.2.1.0.147",
|
|
"matchCriteriaId": "44C394D2-4EF4-4C53-8C20-1A29248B79DA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:ruckuswireless:zonedirector_1200_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "10.3.0",
|
|
"versionEndExcluding": "10.3.1.0.21",
|
|
"matchCriteriaId": "5A21CEE8-29D7-4D5F-9A3C-5D27DA512873"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:ruckuswireless:zonedirector_1200:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0FE0C2B2-D14B-4798-95C4-F911B3B1D88E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit",
|
|
"Technical Description",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.ruckuswireless.com/security/299/view/txt",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |