CVE-2018-11036

Published May 31, 2018

Last updated 3 days ago

CVSS critical 9.1

Overview

Description: Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.1
Impact score: 5.2
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 6.4
Impact score: 4.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9998987C-0AD2-4CDB-9511-2BC9462490AE"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF9AF4FE-6115-4F24-B171-62A5DB74A6BC"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71FD8B5B-EA1B-4ABA-B0A1-CF675F8765F5"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:vsz_firmware:3.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38393B8A-E549-4C07-A73E-BEB6DEB08E6A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A1E9A46B-D8E4-489A-8648-28EDDF000E28"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ruckuswireless:scg-200_firmware:3.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF021C98-2D73-48E3-AB05-F69C9D3AD569"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:scg-200_firmware:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F95F4D57-D238-47E6-AAF7-8A19B18FC29C"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:scg-200_firmware:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7F0BA42-FF78-4F7D-AF63-C731B0C32DD2"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:scg-200_firmware:3.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB65F202-22C7-4E57-8EF3-8BA1DE6A3BA3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ruckuswireless:scg-200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B1BD8748-6B99-4218-8D76-3A6A5847DB25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45CEB61E-3E81-4F2D-B23E-8332E95C6C23"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF91774B-2DE9-4478-AD17-D7C4477CE458"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA61F6F5-591D-45D2-90B2-4096A60BB978"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:sz-300_firmware:3.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9945DADB-81D0-407B-A8C1-FFA9B5A6B228"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4087D2FB-0853-40AE-A03F-803B5972A404"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECB56AD5-AE22-4497-852B-EDB12E7B68BC"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AF9CED5-087A-475B-8A8D-C05F45ADEF57"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C5A6C11-3349-448B-99E7-1A5AF17E4872"
          },
          {
            "criteria": "cpe:2.3:o:ruckuswireless:sz-100_firmware:3.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A116EBD-77CD-4F93-A1BB-56DDF64F2EA4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3B9F3E41-79CA-45B7-B799-B0A64E60BA16"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References