Sign-up

ID

VAR-201008-0350


CVE

CVE-2010-2979


TITLE

Cisco UWN Solution Denial of service in Japan (DoS) Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2010-004248

DESCRIPTION

Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable

Trust: 1.98

sources: NVD: CVE-2010-2979 // JVNDB: JVNDB-2010-004248 // BID: 42387 // VULHUB: VHN-45584

AFFECTED PRODUCTS

vendor:ciscomodel:unified wireless network solution softwarescope:eqversion:7.0

Trust: 1.6

vendor:ciscomodel:unified wireless network solution softwarescope:eqversion:7.0.98.0

Trust: 1.6

vendor:ciscomodel:5508 wireless controllerscope: - version: -

Trust: 0.8

vendor:ciscomodel:unified wireless network solutionscope:eqversion:7.x to 7.0.98.0

Trust: 0.8

sources: JVNDB: JVNDB-2010-004248 // CNNVD: CNNVD-201008-075 // NVD: CVE-2010-2979

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-2979
value: HIGH

Trust: 1.0

NVD: CVE-2010-2979
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201008-075
value: HIGH

Trust: 0.6

VULHUB: VHN-45584
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-2979
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-45584
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-45584 // JVNDB: JVNDB-2010-004248 // CNNVD: CNNVD-201008-075 // NVD: CVE-2010-2979

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-45584 // JVNDB: JVNDB-2010-004248 // NVD: CVE-2010-2979

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201008-075

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201008-075

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-004248

PATCH
title:Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 7.0.98.0url:http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-004248

EXTERNAL IDS
db:NVDid:CVE-2010-2979
Trust: 2.8
db:JVNDBid:JVNDB-2010-004248
Trust: 0.8
db:CNNVDid:CNNVD-201008-075
Trust: 0.7
db:BIDid:42387
Trust: 0.3
db:VULHUBid:VHN-45584
Trust: 0.1
sources:
            
            
            VULHUB: VHN-45584 // 
            
            
            
            BID: 42387 // 
            
            
            
            JVNDB: JVNDB-2010-004248 // 
            
            
            
            CNNVD: CNNVD-201008-075 // 
            
            
            
            NVD: CVE-2010-2979

REFERENCES
url:http://www.cisco.com/en/us/docs/wireless/controller/release/notes/crn7.0.html
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2979
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2979
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-45584 // 
            
            
            
            BID: 42387 // 
            
            
            
            JVNDB: JVNDB-2010-004248 // 
            
            
            
            CNNVD: CNNVD-201008-075 // 
            
            
            
            NVD: CVE-2010-2979

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 42387

SOURCES
db:VULHUBid:VHN-45584
db:BIDid:42387
db:JVNDBid:JVNDB-2010-004248
db:CNNVDid:CNNVD-201008-075
db:NVDid:CVE-2010-2979

LAST UPDATE DATE
2025-04-11T22:54:11.658000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-45584date:2010-08-10T00:00:00
db:BIDid:42387date:2010-06-24T00:00:00
db:JVNDBid:JVNDB-2010-004248date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201008-075date:2010-08-12T00:00:00
db:NVDid:CVE-2010-2979date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-45584date:2010-08-10T00:00:00
db:BIDid:42387date:2010-06-24T00:00:00
db:JVNDBid:JVNDB-2010-004248date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201008-075date:2010-08-12T00:00:00
db:NVDid:CVE-2010-2979date:2010-08-10T12:19:09.927