CVE-2005-3253 - Vulnerability Details - OpenCVE

Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Avaya	Wireless Ap-3 Wireless Ap-4 Wireless Ap-5 Wireless Ap-6 Wireless Ap-7 Wireless Ap-8
Proxim	Ap-2000 Ap-4000 Ap-600 Ap-700

Configuration 1 [-]

OR	cpe:2.3:a:avaya:wireless_ap-3:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-3:2.5.4:::::::*
	cpe:2.3:a:avaya:wireless_ap-4:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-4:2.5.4:::::::*
	cpe:2.3:a:avaya:wireless_ap-5:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-5:2.5.4:::::::*
	cpe:2.3:a:avaya:wireless_ap-6:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-6:2.5.4:::::::*
	cpe:2.3:a:avaya:wireless_ap-7:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-8:2.5:::::::*

Configuration 2 [-]

OR	cpe:2.3:h:proxim:ap-2000:2.5.4:::::::*
	cpe:2.3:h:proxim:ap-4000:2.4.12:::::::*
	cpe:2.3:h:proxim:ap-4000:3.0:::::::*
	cpe:2.3:h:proxim:ap-600:2.5.4:::::::*
	cpe:2.3:h:proxim:ap-700:2.4.12:::::::*
	cpe:2.3:h:proxim:ap-700:3.0:::::::*

No data.

References

Link	Providers
http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf
http://secunia.com/advisories/18047
http://secunia.com/advisories/18057
http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf
http://www.osvdb.org/22091
http://www.vupen.com/english/advisories/2005/2931

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-12-16T11:00:00

Updated: 2024-08-07T23:01:59.253Z

Reserved: 2005-10-18T00:00:00

Link: CVE-2005-3253

Vulnrichment

No data.

NVD

Status : Modified

Published: 2005-12-16T11:03:00.000

Modified: 2024-11-21T00:01:27.410

Link: CVE-2005-3253

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-12-15T00:00:00", "descriptions": [{"lang": "en", "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-01-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "22091", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/22091"}, {"name": "18047", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18047"}, {"name": "18057", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18057"}, {"name": "ADV-2005-2931", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/2931"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3253", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "22091", "refsource": "OSVDB", "url": "http://www.osvdb.org/22091"}, {"name": "18047", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18047"}, {"name": "18057", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18057"}, {"name": "ADV-2005-2931", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2931"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"}, {"name": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf", "refsource": "CONFIRM", "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:01:59.253Z"}, "title": "CVE Program Container", "references": [{"name": "22091", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/22091"}, {"name": "18047", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18047"}, {"name": "18057", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18057"}, {"name": "ADV-2005-2931", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/2931"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3253", "datePublished": "2005-12-16T11:00:00", "dateReserved": "2005-10-18T00:00:00", "dateUpdated": "2024-08-07T23:01:59.253Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:wireless_ap-3:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "BE41CF27-432E-4A11-A804-954195538FB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-3:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "CF5C425E-F670-4DEF-B532-07D8DC66E8CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-4:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "1485FB74-AD78-40B4-8183-63B11BF27249", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-4:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "92381317-38CE-4B56-B3AC-4465A351EDD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-5:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "BF560B1A-F41F-4EDE-9172-60AD80EBF9E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-5:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "A7307F22-DB94-4DE4-8873-6A6CA791213C", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-6:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D95A1268-ECCF-4AC0-BD14-2D0B9172AEE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-6:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "B95082B7-7B8D-4A7E-9506-592E2399287B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-7:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABF3A01B-17E5-4683-8EAC-0E174473A5A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-8:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "BA452029-2FB7-4B84-9DDC-84A3007650CF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:proxim:ap-2000:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "6DD83FFB-8EE9-4551-B36C-4D7CF68EFF29", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-4000:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "C41ED996-F360-4CC6-9916-EEE454BC5E25", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-4000:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7235EE55-1513-45DE-A5A8-E60A0192C35C", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-600:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B336E98-6E84-41CA-8EF2-2E8D67B9B247", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-700:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "9A1BE5EA-F7B6-4A4D-A527-DFD074B37D28", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-700:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "08771AE2-6096-4268-A0A8-28041ED49D48", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."}], "id": "CVE-2005-3253", "lastModified": "2024-11-21T00:01:27.410", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-16T11:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18047"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/18057"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/22091"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2931"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18047"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18057"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/22091"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2931"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}