Details of VAR-201307-0228

ID

VAR-201307-0228

CVE

CVE-2013-3441

TITLE

Cisco Aironet 3600 access Service operation interruption at points (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-003497

DESCRIPTION

Cisco Aironet 3600 access points allow remote attackers to cause a denial of service (memory corruption and device crash) by disrupting Cisco Wireless LAN Controller communication and consequently forcing many transitions from FlexConnect mode to Standalone mode, aka Bug ID CSCuh71210. The Cisco Aironet 3600 access points is a Cisco wireless access point product. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCuh71210. The function of this product is to connect wired network and wireless clients

Trust: 2.52

sources: NVD: CVE-2013-3441 // JVNDB: JVNDB-2013-003497 // CNVD: CNVD-2013-10600 // BID: 61404 // VULHUB: VHN-63443

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-10600

AFFECTED PRODUCTS

vendor:	cisco	model:	aironet 3600p	scope:	eq	version:	-	Trust: 1.6
vendor:	cisco	model:	aironet 3600	scope:	eq	version:	-	Trust: 1.6
vendor:	cisco	model:	aironet 3600e	scope:	eq	version:	-	Trust: 1.6
vendor:	cisco	model:	aironet 3600i	scope:	eq	version:	-	Trust: 1.6
vendor:	cisco	model:	aironet 3600 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	aironet 3600e access point	scope:	eq	version:	7.4	Trust: 0.8
vendor:	cisco	model:	aironet 3600i access point	scope:	eq	version:	7.4	Trust: 0.8
vendor:	cisco	model:	aironet 3600p access point	scope:	eq	version:	7.4	Trust: 0.8
vendor:	cisco	model:	aironet access points	scope:	eq	version:	3600	Trust: 0.6
vendor:	cisco	model:	aironet access point software	scope:	eq	version:	7.4	Trust: 0.3

sources: CNVD: CNVD-2013-10600 // BID: 61404 // JVNDB: JVNDB-2013-003497 // CNNVD: CNNVD-201307-479 // NVD: CVE-2013-3441

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-3441
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-3441
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2013-10600
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201307-479
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-63443
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-3441
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-10600
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-63443
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2013-10600 // VULHUB: VHN-63443 // JVNDB: JVNDB-2013-003497 // CNNVD: CNNVD-201307-479 // NVD: CVE-2013-3441

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-63443 // JVNDB: JVNDB-2013-003497 // NVD: CVE-2013-3441

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-479

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201307-479

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003497

PATCH

title:	Cisco Aironet 3600 Series Access Point Denial of Service Vulnerability	url:	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3441	Trust: 0.8
title:	30170	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=30170	Trust: 0.8
title:	Cisco Aironet 3600 Series Access Point Remote Denial of Service Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/36466	Trust: 0.6

sources: CNVD: CNVD-2013-10600 // JVNDB: JVNDB-2013-003497

EXTERNAL IDS

db:	NVD	id:	CVE-2013-3441	Trust: 3.4
db:	BID	id:	61404	Trust: 2.0
db:	SECTRACK	id:	1028818	Trust: 1.1
db:	OSVDB	id:	95548	Trust: 1.1
db:	JVNDB	id:	JVNDB-2013-003497	Trust: 0.8
db:	CNNVD	id:	CNNVD-201307-479	Trust: 0.7
db:	SECUNIA	id:	54284	Trust: 0.6
db:	CNVD	id:	CNVD-2013-10600	Trust: 0.6
db:	CISCO	id:	20130722 CISCO AIRONET 3600 SERIES ACCESS POINT DENIAL OF SERVICE VULNERABILITY	Trust: 0.6
db:	VULHUB	id:	VHN-63443	Trust: 0.1

sources: CNVD: CNVD-2013-10600 // VULHUB: VHN-63443 // BID: 61404 // JVNDB: JVNDB-2013-003497 // CNNVD: CNNVD-201307-479 // NVD: CVE-2013-3441

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-3441	Trust: 2.6
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=30170	Trust: 2.0
url:	http://www.securityfocus.com/bid/61404	Trust: 1.1
url:	http://osvdb.org/95548	Trust: 1.1
url:	http://www.securitytracker.com/id/1028818	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3441	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3441	Trust: 0.8
url:	http://www.secunia.com/advisories/54284/	Trust: 0.6
url:	http://www.cisco.com/en/us/products/ps11983/index.html	Trust: 0.3
url:	http://www.cisco.com/cisco/web/solutions/small_business/products/wireless/aironet_series_access_points/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2013-10600 // VULHUB: VHN-63443 // BID: 61404 // JVNDB: JVNDB-2013-003497 // CNNVD: CNNVD-201307-479 // NVD: CVE-2013-3441

CREDITS

Cisco

Trust: 0.3

sources: BID: 61404

SOURCES

db:	CNVD	id:	CNVD-2013-10600
db:	VULHUB	id:	VHN-63443
db:	BID	id:	61404
db:	JVNDB	id:	JVNDB-2013-003497
db:	CNNVD	id:	CNNVD-201307-479
db:	NVD	id:	CVE-2013-3441

LAST UPDATE DATE

2024-08-14T13:35:43.860000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-10600	date:	2013-07-25T00:00:00
db:	VULHUB	id:	VHN-63443	date:	2017-11-18T00:00:00
db:	BID	id:	61404	date:	2013-07-22T00:00:00
db:	JVNDB	id:	JVNDB-2013-003497	date:	2013-07-24T00:00:00
db:	CNNVD	id:	CNNVD-201307-479	date:	2013-07-29T00:00:00
db:	NVD	id:	CVE-2013-3441	date:	2017-11-18T02:29:00.947

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-10600	date:	2013-07-25T00:00:00
db:	VULHUB	id:	VHN-63443	date:	2013-07-23T00:00:00
db:	BID	id:	61404	date:	2013-07-22T00:00:00
db:	JVNDB	id:	JVNDB-2013-003497	date:	2013-07-24T00:00:00
db:	CNNVD	id:	CNNVD-201307-479	date:	2013-07-24T00:00:00
db:	NVD	id:	CVE-2013-3441	date:	2013-07-23T11:03:11.990