CVE-2010-1804

Unspecified vulnerability in the network bridge functionality on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 allows remote attackers to cause a denial of service (networking outage) via a crafted DHCP reply.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html	Patch Vendor Advisory
http://support.apple.com/kb/HT4298	Patch Vendor Advisory
http://www.securitytracker.com/id?1024907

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:h:apple:airport_express_base_station_firmware::::::::
	cpe:2.3:h:apple:airport_express_base_station_firmware:3.84:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:4.0.9:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:6.1:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:6.3:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:7.3.2:::::::*
	cpe:2.3:h:apple:airport_express_base_station_firmware:7.4.1:::::::*
	cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.5:::::::*
	cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.7:::::::*

OR	cpe:2.3:h:apple:airport_express::::::::
	cpe:2.3:h:apple:airport_extreme::::::::
	cpe:2.3:h:apple:time_capsule::::::::

History

No history.

Information

Published : 2010-12-22 03:00

Updated : 2023-12-10 11:03

NVD link : CVE-2010-1804

Mitre link : CVE-2010-1804

CVE.ORG link : CVE-2010-1804

JSON object : View

Products Affected

apple

airport_express
airport_extreme_base_station_firmware
airport_express_base_station_firmware
time_capsule
airport_extreme

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-1804", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-12-22T03:00:01.437", "references": [{"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html", "tags": ["Patch", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://support.apple.com/kb/HT4298", "tags": ["Patch", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://www.securitytracker.com/id?1024907", "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the network bridge functionality on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 allows remote attackers to cause a denial of service (networking outage) via a crafted DHCP reply."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la funcionalidad network bridge en Apple Time Capsule, AirPort Extreme Base Station, y AirPort Express Base Station con firmware anterior a v7.5.2 permite a los atacantes remotos causar una denegcai\u00f3n de servicio (desconexi\u00f3n de red) a trav\u00e9s de peticiones DHCP manipuladas."}], "lastModified": "2011-01-19T06:57:24.977", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9226648-A35A-48C7-97B2-B641AF1AC064", "versionEndIncluding": "7.4.2"}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:3.84:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BE83F1E-AE73-4EA3-BB24-00AB2CD5E5AE"}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:4.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDFC5591-5F55-414F-99EC-EF560F131A01"}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9263C8C-E71C-4922-ABCD-ED71AACE2C6A"}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64341069-B93B-48F3-946F-4248231B6AA7"}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:7.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "508DE2BA-DCA6-4249-B534-30EEFA2548FE"}, {"criteria": "cpe:2.3:h:apple:airport_express_base_station_firmware:7.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3333BFC0-037A-4926-BCBE-C0F0C1204B89"}, {"criteria": "cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3420DD2D-4B5B-4112-AE49-20FA97608495"}, {"criteria": "cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "546C47A2-D8CE-4341-968A-051F81BAF904"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:apple:airport_express:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2C90704-400C-4BA2-9CF5-96C3A42B620E"}, {"criteria": "cpe:2.3:h:apple:airport_extreme:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0B25975-DD1E-430F-9AB0-F363E4BF743B"}, {"criteria": "cpe:2.3:h:apple:time_capsule:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECA814FD-FE33-44E3-9A40-805E6C9C4ED9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@apple.com"}