Vulnerability Description
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Wireless Network Solution Software | 7.0 |
| Cisco | 4404 Wireless Lan Controller | All versions |
References
- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
- http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html
FAQ
What is CVE-2010-2984?
CVE-2010-2984 is a vulnerability with a CVSS score of 10.0 (HIGH). Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access...
How severe is CVE-2010-2984?
CVE-2010-2984 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2984?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Wireless Network Solution Software, Cisco 4404 Wireless Lan Controller.