admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2011/CVE-2011-50xx/CVE-2011-5053.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

136 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2011-5053",
"sourceIdentifier": "cret@cert.org",
"published": "2012-01-06T20:55:01.233",
"lastModified": "2024-11-21T01:33:30.960",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Wi-Fi Protected Setup (WPS) protocol, when the \"external registrar\" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or reconfigure an access point, by reading EAP-NACK messages."
},
{
"lang": "es",
"value": "El protocolo WPS (Wi-Fi Protected Setup), cuando se utiliza el m\u00e9todo de autenticaci\u00f3n \"external registrar\", no informa adecuadamente a los clientes sobre los fallos de autenticaci\u00f3n de PIN, lo que facilita a los atacantes remotos a la hora de descubrir el valor del PIN, y por lo tanto descubrir la contrase\u00f1a de red de la Wifi o de reconfigurar un punto de acceso, mediante la lectura de mensajes EAP-NACK."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"baseScore": 5.8,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wi-fi:wifi_protected_setup_protocol:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A3134-0F55-472C-BC79-D5F0C24CFC81"
}
]
}
]
}
],
"references": [
{
"url": "http://code.google.com/p/reaver-wps/",
"source": "cret@cert.org"
},
{
"url": "http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf",
"source": "cret@cert.org"
},
{
"url": "http://sviehb.wordpress.com/2011/12/27/wi-fi-protected-setup-pin-brute-force-vulnerability/",
"source": "cret@cert.org"
},
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps",
"source": "cret@cert.org"
},
{
"url": "http://www.kb.cert.org/vuls/id/723755",
"source": "cret@cert.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA12-006A.html",
"source": "cret@cert.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://code.google.com/p/reaver-wps/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://sviehb.wordpress.com/2011/12/27/wi-fi-protected-setup-pin-brute-force-vulnerability/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.kb.cert.org/vuls/id/723755",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA12-006A.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink