FKIE_CVE-2023-35803

Vulnerability from fkie_nvd - Published: 2023-10-04 22:15 - Updated: 2024-11-21 08:08
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow.
References
cve@mitre.orghttps://community.extremenetworks.com/t5/security-advisories-formerly/sa-2023-067-iq-engine-acsd-service-buffer-overflow-cve-2023/ba-p/96472Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://community.extremenetworks.com/t5/security-advisories-formerly/sa-2023-067-iq-engine-acsd-service-buffer-overflow-cve-2023/ba-p/96472Vendor Advisory
Impacted products
Vendor Product Version
extremenetworks iq_engine *
extremenetworks ap3000 -
extremenetworks ap3000x -
extremenetworks ap302w -
extremenetworks ap305c -
extremenetworks ap305c-1 -
extremenetworks ap305cx -
extremenetworks ap4000 -
extremenetworks ap4000-1 -
extremenetworks ap410c -
extremenetworks ap410c-1 -
extremenetworks ap460c -
extremenetworks ap460s12c -
extremenetworks ap460s6c -
extremenetworks ap5010 -
extremenetworks ap5050d -
extremenetworks ap5050u -
extremenetworks ap510c -
extremenetworks ap510cx -
extremenetworks ap630 -
extremenetworks ap650 -
extremenetworks ap650x -
extremenetworks iq_engine *
extremenetworks ap1130 -
extremenetworks ap122 -
extremenetworks ap130 -
extremenetworks ap150w -
extremenetworks ap250 -
extremenetworks ap30 -
extremenetworks ap550 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:extremenetworks:iq_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0E5BA8-6E68-40EA-8D49-75F235483F71",
              "versionEndExcluding": "10.6r2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D3DFF3-8C35-4860-B904-DDEEA6C68827",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap3000x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4303FD05-94B4-4D42-BBB9-1E5725DC89C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap302w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B393FA2-8528-4977-B2F3-D42FF4A78E5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap305c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9384ECB-2EAF-4049-A644-481E9BE00FA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap305c-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2C4A69-7A54-45E9-9940-99272E41FC21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap305cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "001C25E7-F884-4AFD-80DB-40FB6742292B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCDCBF18-E614-4F63-8C0A-BF28E47B4D6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap4000-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA85B9D-5D40-44CA-B345-A9B33E2854D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap410c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5F69587-452F-474A-9389-F9AFE439285C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap410c-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CA142E-9947-4854-9F56-1D24F45F7A2D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap460c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E0E816A-C583-4985-94D2-E97B8B87A818",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap460s12c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36189326-1798-4312-B61B-BB9DEFB94028",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap460s6c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4207CD0-E7DF-4DAB-BEE6-93387D5C29BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap5010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E2A0429-3DCB-4E33-9145-D80005B85150",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap5050d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF2B1AB3-EB5D-46B3-B5E0-6A7A8151403E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap5050u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E8E2F84-964A-49CB-B00C-080669298FB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap510c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8123B7E3-28A2-4786-95B5-804B8FBF0E53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap510cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D76938F-9812-4E8D-9C37-1A05FAE27CD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AFB5E8-BBBB-401C-AEEC-CF36DBB1D07E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1053DDC0-0385-4A86-80E1-D4424274F550",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap650x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E838B1A4-542F-421E-967C-7437C449E465",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:extremenetworks:iq_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B79A1496-89B4-4871-90B1-D8CB936EFB7C",
              "versionEndExcluding": "10.6r5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap1130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06EE00F8-1B3C-4686-BC66-1015E4C62CAD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap122:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60779E2E-9C16-430C-AAD5-51410B5894E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0BA56D5-E3C8-402F-8852-F7F9864C3A7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap150w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95B91235-8FB7-4BB2-99BC-D53074ECEEE3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2831D50B-3BCE-4166-BDD6-E38317B92E2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap30:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CCA45A-C187-46AE-825C-0DF85824CD3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:extremenetworks:ap550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF23B23-0DC0-4C65-BFB1-B09F03902369",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow."
    },
    {
      "lang": "es",
      "value": "IQ Engine anterior a 10.6r2 en dispositivos Extreme Network AP tiene un desbordamiento de b\u00fafer."
    }
  ],
  "id": "CVE-2023-35803",
  "lastModified": "2024-11-21T08:08:44.527",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-10-04T22:15:09.777",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.extremenetworks.com/t5/security-advisories-formerly/sa-2023-067-iq-engine-acsd-service-buffer-overflow-cve-2023/ba-p/96472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.extremenetworks.com/t5/security-advisories-formerly/sa-2023-067-iq-engine-acsd-service-buffer-overflow-cve-2023/ba-p/96472"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.