Sign-up

ID

VAR-201008-0348


CVE

CVE-2010-2977


TITLE

Cisco UWN Solution Vulnerabilities in unknown details

Trust: 0.8

sources: JVNDB: JVNDB-2010-004246

DESCRIPTION

Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable

Trust: 1.98

sources: NVD: CVE-2010-2977 // JVNDB: JVNDB-2010-004246 // BID: 42387 // VULHUB: VHN-45582

AFFECTED PRODUCTS

vendor:ciscomodel:unified wireless network solution softwarescope:eqversion:7.0

Trust: 1.6

vendor:ciscomodel:unified wireless network solution softwarescope:eqversion:7.0.98.0

Trust: 1.6

vendor:ciscomodel:unified wireless network solutionscope:eqversion:7.x to 7.0.98.0

Trust: 0.8

sources: JVNDB: JVNDB-2010-004246 // CNNVD: CNNVD-201008-073 // NVD: CVE-2010-2977

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-2977
value: HIGH

Trust: 1.0

NVD: CVE-2010-2977
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201008-073
value: CRITICAL

Trust: 0.6

VULHUB: VHN-45582
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-2977
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-45582
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-45582 // JVNDB: JVNDB-2010-004246 // CNNVD: CNNVD-201008-073 // NVD: CVE-2010-2977

PROBLEMTYPE DATA

problemtype:CWE-16

Trust: 1.9

sources: VULHUB: VHN-45582 // JVNDB: JVNDB-2010-004246 // NVD: CVE-2010-2977

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201008-073

TYPE

configuration error

Trust: 0.6

sources: CNNVD: CNNVD-201008-073

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-004246

PATCH
title:Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 7.0.98.0url:http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-004246

EXTERNAL IDS
db:NVDid:CVE-2010-2977
Trust: 2.8
db:JVNDBid:JVNDB-2010-004246
Trust: 0.8
db:CNNVDid:CNNVD-201008-073
Trust: 0.7
db:BIDid:42387
Trust: 0.3
db:VULHUBid:VHN-45582
Trust: 0.1
sources:
            
            
            VULHUB: VHN-45582 // 
            
            
            
            BID: 42387 // 
            
            
            
            JVNDB: JVNDB-2010-004246 // 
            
            
            
            CNNVD: CNNVD-201008-073 // 
            
            
            
            NVD: CVE-2010-2977

REFERENCES
url:http://www.cisco.com/en/us/docs/wireless/controller/release/notes/crn7.0.html
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2977
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2977
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-45582 // 
            
            
            
            BID: 42387 // 
            
            
            
            JVNDB: JVNDB-2010-004246 // 
            
            
            
            CNNVD: CNNVD-201008-073 // 
            
            
            
            NVD: CVE-2010-2977

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 42387

SOURCES
db:VULHUBid:VHN-45582
db:BIDid:42387
db:JVNDBid:JVNDB-2010-004246
db:CNNVDid:CNNVD-201008-073
db:NVDid:CVE-2010-2977

LAST UPDATE DATE
2025-04-11T22:54:11.905000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-45582date:2010-08-10T00:00:00
db:BIDid:42387date:2010-06-24T00:00:00
db:JVNDBid:JVNDB-2010-004246date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201008-073date:2010-08-12T00:00:00
db:NVDid:CVE-2010-2977date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-45582date:2010-08-10T00:00:00
db:BIDid:42387date:2010-06-24T00:00:00
db:JVNDBid:JVNDB-2010-004246date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201008-073date:2010-08-12T00:00:00
db:NVDid:CVE-2010-2977date:2010-08-10T12:19:09.880