CVE-2010-2976 - OpenCVE

The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Unified Wireless Network Solution Software

Configuration 1 [-]

OR	cpe:2.3:o:cisco:unified_wireless_network_solution_software:7.0:::::::*
	cpe:2.3:o:cisco:unified_wireless_network_solution_software:7.0.98.0:::::::*

No data.

References

Link	Providers
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-08-09T19:23:00Z

Updated: 2024-09-17T04:09:23.038Z

Reserved: 2010-08-09T00:00:00Z

Link: CVE-2010-2976

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2010-08-10T12:19:09.850

Modified: 2010-08-10T14:25:38.063

Link: CVE-2010-2976

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of \"default\" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-08-09T19:23:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2976", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of \"default\" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html", "refsource": "CONFIRM", "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:55:46.545Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2976", "datePublished": "2010-08-09T19:23:00Z", "dateReserved": "2010-08-09T00:00:00Z", "dateUpdated": "2024-09-17T04:09:23.038Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:unified_wireless_network_solution_software:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "A3199EF5-5086-4DDE-997F-9F7F15E9BB21", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_wireless_network_solution_software:7.0.98.0:*:*:*:*:*:*:*", "matchCriteriaId": "1CFF7663-19E4-4DD8-BCA0-C1B03F630312", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of \"default\" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access."}, {"lang": "es", "value": "El controlador de Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0 tiene (1) una comunidad p\u00fablica SNMP por defecto de solo lectura, (2) una comunidad privada SNMP por defecto de lectura y escritura, y un valor de \"default\" para el (3) usuario SNMP v3, (4) contrase\u00f1a de autenticaci\u00f3n SNMP v3, y (5) contrase\u00f1a de privacidad, lo que hace m\u00e1s sencillo para usuarios remotos obtener acceso."}], "id": "CVE-2010-2976", "lastModified": "2010-08-10T14:25:38.063", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-08-10T12:19:09.850", "references": [{"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}], "source": "nvd@nist.gov", "type": "Primary"}]}