CVE-2013-5030 — HIGH (7.2) — White Hats Nepal

Vulnerability Description

Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow remote attackers to bypass authentication, and subsequently access certain configuration/ and maintenance/ scripts, by constructing a crafted URI after receiving an authentication error for an arbitrary login attempt.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Ruckuswireless	Zoneflex 2942 Firmware	9.6.0.0.267
Ruckuswireless	Zoneflex 2942	-

Related Weaknesses (CWE)

CWE-264

References

http://www.kb.cert.org/vuls/id/742932US Government Resource
http://www.kb.cert.org/vuls/id/742932US Government Resource

FAQ

What is CVE-2013-5030?

CVE-2013-5030 is a vulnerability with a CVSS score of 7.2 (HIGH). Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow remote attackers to bypass authentication, and subsequently access certain configuration/ and maintenance/ scripts, by constructin...

How severe is CVE-2013-5030?

CVE-2013-5030 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-5030?

Check the references section above for vendor advisories and patch information. Affected products include: Ruckuswireless Zoneflex 2942 Firmware, Ruckuswireless Zoneflex 2942.