Vulnerability-Lookup

CVE-2005-3253 (GCVE-0-2005-3253)

Vulnerability from cvelistv5 – Published: 2005-12-16 11:00 – Updated: 2024-08-07 23:01

Summary

Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.osvdb.org/22091	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/18047	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/18057	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2005/2931	vdb-entryx_refsource_VUPEN
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	http://keygen.proxim.com/support/cs/Documents/802…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard Create KEV Entry

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:01:59.253Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "22091",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22091"
          },
          {
            "name": "18047",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18047"
          },
          {
            "name": "18057",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18057"
          },
          {
            "name": "ADV-2005-2931",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2931"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-01-20T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "22091",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22091"
        },
        {
          "name": "18047",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18047"
        },
        {
          "name": "18057",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18057"
        },
        {
          "name": "ADV-2005-2931",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2931"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3253",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "22091",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22091"
            },
            {
              "name": "18047",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18047"
            },
            {
              "name": "18057",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18057"
            },
            {
              "name": "ADV-2005-2931",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2931"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"
            },
            {
              "name": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf",
              "refsource": "CONFIRM",
              "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3253",
    "datePublished": "2005-12-16T11:00:00",
    "dateReserved": "2005-10-18T00:00:00",
    "dateUpdated": "2024-08-07T23:01:59.253Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-3253\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-12-16T11:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \\\"12345\\\", which allows remote attackers to bypass authentication.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-3:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE41CF27-432E-4A11-A804-954195538FB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-3:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF5C425E-F670-4DEF-B532-07D8DC66E8CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-4:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1485FB74-AD78-40B4-8183-63B11BF27249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-4:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92381317-38CE-4B56-B3AC-4465A351EDD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-5:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF560B1A-F41F-4EDE-9172-60AD80EBF9E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-5:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7307F22-DB94-4DE4-8873-6A6CA791213C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-6:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D95A1268-ECCF-4AC0-BD14-2D0B9172AEE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-6:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B95082B7-7B8D-4A7E-9506-592E2399287B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-7:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABF3A01B-17E5-4683-8EAC-0E174473A5A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:wireless_ap-8:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA452029-2FB7-4B84-9DDC-84A3007650CF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:proxim:ap-2000:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DD83FFB-8EE9-4551-B36C-4D7CF68EFF29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:proxim:ap-4000:2.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C41ED996-F360-4CC6-9916-EEE454BC5E25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:proxim:ap-4000:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7235EE55-1513-45DE-A5A8-E60A0192C35C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:proxim:ap-600:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B336E98-6E84-41CA-8EF2-2E8D67B9B247\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:proxim:ap-700:2.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A1BE5EA-F7B6-4A4D-A527-DFD074B37D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:proxim:ap-700:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08771AE2-6096-4268-A0A8-28041ED49D48\"}]}]}],\"references\":[{\"url\":\"http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/18047\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18057\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/22091\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2931\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18047\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/18057\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/22091\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2931\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-72M9-JJ7R-733C

Vulnerability from github – Published: 2022-05-01 02:15 – Updated: 2022-05-01 02:15

Details

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "affected": [],
  "aliases": [
    "CVE-2005-3253"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-12-16T11:03:00Z",
    "severity": "HIGH"
  },
  "details": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication.",
  "id": "GHSA-72m9-jj7r-733c",
  "modified": "2022-05-01T02:15:55Z",
  "published": "2022-05-01T02:15:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3253"
    },
    {
      "type": "WEB",
      "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18047"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18057"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/22091"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/2931"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200512-0658

Vulnerability from variot - Updated: 2025-04-03 22:27

The problem is caused due to the presence of a static WEP key set to "12345". This can be exploited to bypass the 802.1x authentication process.

Successful exploitation allows access to network resources.

The security issue affects the following products: * Avaya Wireless Access Points AP-3, AP-4, AP-5, and AP-6 (All versions after 2.5 to 2.5.4) * Avaya Wireless Access Points AP-7 and AP-8 (All versions after 2.5 and prior to 3.1)

SOLUTION: Avaya Wireless AP-3: Apply Software Update 2.5.5 for AP3. http://support.avaya.com/japple/css/japple?temp.documentID=280939&temp.productID=107770&temp.bucketID=108025&PAGE=Document

Avaya Wireless AP-4, 5, and 6: Apply Software Update 2.5.5 for AP4, 5, and 6. http://support.avaya.com/japple/css/japple?temp.documentID=280948&temp.productID=107770&temp.bucketID=108025&PAGE=Document

Avaya Wireless AP-7: Apply Software Update 3.1 for AP7. http://support.avaya.com/japple/css/japple?temp.documentID=280946&temp.productID=107770&temp.bucketID=108025&PAGE=Document

Avaya Wireless AP-8: Apply Software Update 2.5.5 for AP4, 5, and 6. http://support.avaya.com/japple/css/japple?temp.documentID=280948&temp.productID=107770&temp.bucketID=108025&PAGE=Document

PROVIDED AND/OR DISCOVERED BY: Urmas Kahar and Tarmo Kaljumae

ORIGINAL ADVISORY: http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200512-0658",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wireless ap-7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5"
      },
      {
        "model": "wireless ap-5",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5"
      },
      {
        "model": "wireless ap-8",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5"
      },
      {
        "model": "wireless ap-6",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5"
      },
      {
        "model": "wireless ap-3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5.4"
      },
      {
        "model": "wireless ap-6",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5.4"
      },
      {
        "model": "wireless ap-5",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5.4"
      },
      {
        "model": "wireless ap-4",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5"
      },
      {
        "model": "wireless ap-4",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5.4"
      },
      {
        "model": "wireless ap-3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "avaya",
        "version": "2.5"
      },
      {
        "model": "ap-4000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "proxim",
        "version": "3.0"
      },
      {
        "model": "ap-600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "proxim",
        "version": "2.5.4"
      },
      {
        "model": "ap-2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "proxim",
        "version": "2.5.4"
      },
      {
        "model": "ap-700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "proxim",
        "version": "2.4.12"
      },
      {
        "model": "ap-700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "proxim",
        "version": "3.0"
      },
      {
        "model": "ap-4000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "proxim",
        "version": "2.4.12"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3253"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Urmas KaharTarmo Kaljumae",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2005-3253",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2005-3253",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-14462",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2005-3253",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200512-341",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-14462",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14462"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3253"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication. Both Avaya wireless AP and Proxim wireless AP are very popular wireless access devices. \n\nThe problem is caused due to the presence of a static WEP key set to\n\"12345\". This can be exploited to bypass the 802.1x authentication\nprocess. \n\nSuccessful exploitation allows access to network resources. \n\nThe security issue affects the following products:\n* Avaya Wireless Access Points AP-3, AP-4, AP-5, and AP-6 (All\nversions after 2.5 to 2.5.4)\n* Avaya Wireless Access Points AP-7 and AP-8 (All versions after 2.5\nand prior to 3.1)\n\nSOLUTION:\nAvaya Wireless AP-3:\nApply Software Update 2.5.5 for AP3. \nhttp://support.avaya.com/japple/css/japple?temp.documentID=280939\u0026temp.productID=107770\u0026temp.bucketID=108025\u0026PAGE=Document\n\nAvaya Wireless AP-4, 5, and 6:\nApply Software Update 2.5.5 for AP4, 5, and 6. \nhttp://support.avaya.com/japple/css/japple?temp.documentID=280948\u0026temp.productID=107770\u0026temp.bucketID=108025\u0026PAGE=Document\n\nAvaya Wireless AP-7:\nApply Software Update 3.1 for AP7. \nhttp://support.avaya.com/japple/css/japple?temp.documentID=280946\u0026temp.productID=107770\u0026temp.bucketID=108025\u0026PAGE=Document\n\nAvaya Wireless AP-8:\nApply Software Update 2.5.5 for AP4, 5, and 6. \nhttp://support.avaya.com/japple/css/japple?temp.documentID=280948\u0026temp.productID=107770\u0026temp.bucketID=108025\u0026PAGE=Document\n\nPROVIDED AND/OR DISCOVERED BY:\nUrmas Kahar and Tarmo Kaljumae\n\nORIGINAL ADVISORY:\nhttp://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3253"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14462"
      },
      {
        "db": "PACKETSTORM",
        "id": "42570"
      },
      {
        "db": "PACKETSTORM",
        "id": "42357"
      }
    ],
    "trust": 1.17
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SECUNIA",
        "id": "18057",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "18047",
        "trust": 1.8
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3253",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2005-2931",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "22091",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-14462",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "42570",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "42357",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14462"
      },
      {
        "db": "PACKETSTORM",
        "id": "42570"
      },
      {
        "db": "PACKETSTORM",
        "id": "42357"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3253"
      }
    ]
  },
  "id": "VAR-200512-0658",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14462"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-03T22:27:07.905000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3253"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://keygen.proxim.com/support/cs/documents/802.1x_vulnerability.pdf"
      },
      {
        "trust": 1.8,
        "url": "http://support.avaya.com/elmodocs2/security/asa-2005-233.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/22091"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/18047"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/18057"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2005/2931"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2005/2931"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/18047/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://support.proxim.com/cgi-bin/proxim.cfg/php/enduser/std_adp.php?p_faqid=1250"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6679/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6680/"
      },
      {
        "trust": 0.1,
        "url": "http://support.proxim.com/cgi-bin/proxim.cfg/php/enduser/std_adp.php?p_faqid=1222"
      },
      {
        "trust": 0.1,
        "url": "http://support.proxim.com/cgi-bin/proxim.cfg/php/enduser/std_adp.php?p_faqid=1221"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6681/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6677/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/18057/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6676/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6678/"
      },
      {
        "trust": 0.1,
        "url": "http://support.proxim.com/cgi-bin/proxim.cfg/php/enduser/std_adp.php?p_faqid=1686"
      },
      {
        "trust": 0.1,
        "url": "http://support.avaya.com/japple/css/japple?temp.documentid=280948\u0026temp.productid=107770\u0026temp.bucketid=108025\u0026page=document"
      },
      {
        "trust": 0.1,
        "url": "http://support.avaya.com/japple/css/japple?temp.documentid=280946\u0026temp.productid=107770\u0026temp.bucketid=108025\u0026page=document"
      },
      {
        "trust": 0.1,
        "url": "http://support.avaya.com/japple/css/japple?temp.documentid=280939\u0026temp.productid=107770\u0026temp.bucketid=108025\u0026page=document"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6524/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6526/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6525/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14462"
      },
      {
        "db": "PACKETSTORM",
        "id": "42570"
      },
      {
        "db": "PACKETSTORM",
        "id": "42357"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3253"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-14462"
      },
      {
        "db": "PACKETSTORM",
        "id": "42570"
      },
      {
        "db": "PACKETSTORM",
        "id": "42357"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3253"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-12-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14462"
      },
      {
        "date": "2005-12-27T19:53:43",
        "db": "PACKETSTORM",
        "id": "42570"
      },
      {
        "date": "2005-12-16T20:41:53",
        "db": "PACKETSTORM",
        "id": "42357"
      },
      {
        "date": "2005-12-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      },
      {
        "date": "2005-12-16T11:03:00",
        "db": "NVD",
        "id": "CVE-2005-3253"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14462"
      },
      {
        "date": "2006-06-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      },
      {
        "date": "2025-04-03T01:03:51.193000",
        "db": "NVD",
        "id": "CVE-2005-3253"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WEP Key Authentication Bypass Vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "unknown",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-341"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2005-3253

Vulnerability from fkie_nvd - Published: 2005-12-16 11:03 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf
cve@mitre.org	http://secunia.com/advisories/18047	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/18057
cve@mitre.org	http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/22091
cve@mitre.org	http://www.vupen.com/english/advisories/2005/2931
af854a3a-2127-422b-91ae-364da2661108	http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18047	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18057
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22091
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/2931

Impacted products

Vendor	Product	Version
avaya	wireless_ap-3	2.5
avaya	wireless_ap-3	2.5.4
avaya	wireless_ap-4	2.5
avaya	wireless_ap-4	2.5.4
avaya	wireless_ap-5	2.5
avaya	wireless_ap-5	2.5.4
avaya	wireless_ap-6	2.5
avaya	wireless_ap-6	2.5.4
avaya	wireless_ap-7	2.5
avaya	wireless_ap-8	2.5
proxim	ap-2000	2.5.4
proxim	ap-4000	2.4.12
proxim	ap-4000	3.0
proxim	ap-600	2.5.4
proxim	ap-700	2.4.12
proxim	ap-700	3.0

JSON

To clipboard Create KEV Entry

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-3:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE41CF27-432E-4A11-A804-954195538FB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-3:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5C425E-F670-4DEF-B532-07D8DC66E8CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-4:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1485FB74-AD78-40B4-8183-63B11BF27249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-4:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "92381317-38CE-4B56-B3AC-4465A351EDD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-5:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF560B1A-F41F-4EDE-9172-60AD80EBF9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-5:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7307F22-DB94-4DE4-8873-6A6CA791213C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-6:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D95A1268-ECCF-4AC0-BD14-2D0B9172AEE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-6:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95082B7-7B8D-4A7E-9506-592E2399287B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-7:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF3A01B-17E5-4683-8EAC-0E174473A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:wireless_ap-8:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA452029-2FB7-4B84-9DDC-84A3007650CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:proxim:ap-2000:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD83FFB-8EE9-4551-B36C-4D7CF68EFF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:proxim:ap-4000:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41ED996-F360-4CC6-9916-EEE454BC5E25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:proxim:ap-4000:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7235EE55-1513-45DE-A5A8-E60A0192C35C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:proxim:ap-600:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B336E98-6E84-41CA-8EF2-2E8D67B9B247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:proxim:ap-700:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A1BE5EA-F7B6-4A4D-A527-DFD074B37D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:proxim:ap-700:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "08771AE2-6096-4268-A0A8-28041ED49D48",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."
    }
  ],
  "id": "CVE-2005-3253",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-16T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18047"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18057"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/22091"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18057"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/22091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2931"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2005-3253

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2005-3253

Aliases

CVE-2005-3253

JSON

To clipboard Create KEV Entry

{
  "GSD": {
    "alias": "CVE-2005-3253",
    "description": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication.",
    "id": "GSD-2005-3253"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-3253"
      ],
      "details": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication.",
      "id": "GSD-2005-3253",
      "modified": "2023-12-13T01:20:13.039291Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-3253",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "22091",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/22091"
          },
          {
            "name": "18047",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18047"
          },
          {
            "name": "18057",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18057"
          },
          {
            "name": "ADV-2005-2931",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2005/2931"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf",
            "refsource": "CONFIRM",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"
          },
          {
            "name": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf",
            "refsource": "CONFIRM",
            "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-3:2.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-4:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-8:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-5:2.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-6:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-4:2.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-5:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-3:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-6:2.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avaya:wireless_ap-7:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:proxim:ap-600:2.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:proxim:ap-700:2.4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:proxim:ap-2000:2.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:proxim:ap-4000:2.4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:proxim:ap-4000:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:proxim:ap-700:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3253"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"
            },
            {
              "name": "18047",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18047"
            },
            {
              "name": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"
            },
            {
              "name": "18057",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18057"
            },
            {
              "name": "22091",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/22091"
            },
            {
              "name": "ADV-2005-2931",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2005/2931"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-03-08T02:26Z",
      "publishedDate": "2005-12-16T11:03Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2005-3253 (GCVE-0-2005-3253)

GHSA-72M9-JJ7R-733C

VAR-200512-0658

FKIE_CVE-2005-3253

GSD-2005-3253

Tags

Sightings

Nomenclature