Sign-up

ID

VAR-201008-0354


CVE

CVE-2010-2983


TITLE

Cisco UWN Solution Service disruption in the workgroup bridge function (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2010-004252

DESCRIPTION

The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374. Cisco Unified Wireless Network (UWN) Solution is prone to multiple security vulnerabilities, including denial of service, authentication bypass, information disclosure, unauthorized access, and an unspecified remote vulnerability. Exploiting these issues can allow an attacker to deny service to legitimate users, bypass security restrictions, gain unauthorized access, or execute arbitrary code. Other attacks may also be possible. Versions prior to Cisco Unified Wireless Network (UWN) 7.0.98.0 are vulnerable. A remote attacker can cause a denial of service attack (connection failure) by means of a series of forged EAPoL-Logoff frames

Trust: 1.98

sources: NVD: CVE-2010-2983 // JVNDB: JVNDB-2010-004252 // BID: 42387 // VULHUB: VHN-45588

AFFECTED PRODUCTS

vendor:ciscomodel:unified wireless network solution softwarescope:eqversion:7.0

Trust: 1.6

vendor:ciscomodel:unified wireless network solution softwarescope:eqversion:7.0.98.0

Trust: 1.6

vendor:ciscomodel:unified wireless network solutionscope:eqversion:7.0.98.0

Trust: 0.8

vendor:ciscomodel:unified wireless network solutionscope:ltversion:7.x

Trust: 0.8

sources: JVNDB: JVNDB-2010-004252 // CNNVD: CNNVD-201008-079 // NVD: CVE-2010-2983

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-2983
value: HIGH

Trust: 1.0

NVD: CVE-2010-2983
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201008-079
value: HIGH

Trust: 0.6

VULHUB: VHN-45588
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-2983
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-45588
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-45588 // JVNDB: JVNDB-2010-004252 // CNNVD: CNNVD-201008-079 // NVD: CVE-2010-2983

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2010-004252 // NVD: CVE-2010-2983

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201008-079

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201008-079

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-004252

PATCH
title:Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 7.0.98.0url:http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-004252

EXTERNAL IDS
db:NVDid:CVE-2010-2983
Trust: 2.8
db:JVNDBid:JVNDB-2010-004252
Trust: 0.8
db:CNNVDid:CNNVD-201008-079
Trust: 0.7
db:BIDid:42387
Trust: 0.3
db:VULHUBid:VHN-45588
Trust: 0.1
sources:
            
            
            VULHUB: VHN-45588 // 
            
            
            
            BID: 42387 // 
            
            
            
            JVNDB: JVNDB-2010-004252 // 
            
            
            
            CNNVD: CNNVD-201008-079 // 
            
            
            
            NVD: CVE-2010-2983

REFERENCES
url:http://www.cisco.com/en/us/docs/wireless/controller/release/notes/crn7.0.html
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2983
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2983
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-45588 // 
            
            
            
            BID: 42387 // 
            
            
            
            JVNDB: JVNDB-2010-004252 // 
            
            
            
            CNNVD: CNNVD-201008-079 // 
            
            
            
            NVD: CVE-2010-2983

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 42387

SOURCES
db:VULHUBid:VHN-45588
db:BIDid:42387
db:JVNDBid:JVNDB-2010-004252
db:CNNVDid:CNNVD-201008-079
db:NVDid:CVE-2010-2983

LAST UPDATE DATE
2025-04-11T22:54:11.849000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-45588date:2010-08-10T00:00:00
db:BIDid:42387date:2010-06-24T00:00:00
db:JVNDBid:JVNDB-2010-004252date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201008-079date:2010-08-13T00:00:00
db:NVDid:CVE-2010-2983date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-45588date:2010-08-10T00:00:00
db:BIDid:42387date:2010-06-24T00:00:00
db:JVNDBid:JVNDB-2010-004252date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201008-079date:2010-08-13T00:00:00
db:NVDid:CVE-2010-2983date:2010-08-10T12:19:10.037