{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-03-31T00:00:00", "descriptions": [{"lang": "en", "value": "AirPort Utility before 5.5.1 for Apple AirPort Base Station does not properly distribute MAC address ACLs to network extenders, which allows remote attackers to bypass intended access restrictions via an 802.11 authentication frame."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "APPLE-SA-2010-03-31-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00004.html"}, {"name": "1023801", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1023801"}, {"name": "ADV-2010-0778", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0778"}, {"name": "39134", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/39134"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3958"}, {"name": "airportbasestation-acl-security-bypass(57434)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57434"}, {"name": "39160", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39160"}, {"name": "63420", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/63420"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-2822", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "AirPort Utility before 5.5.1 for Apple AirPort Base Station does not properly distribute MAC address ACLs to network extenders, which allows remote attackers to bypass intended access restrictions via an 802.11 authentication frame."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2010-03-31-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00004.html"}, {"name": "1023801", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023801"}, {"name": "ADV-2010-0778", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0778"}, {"name": "39134", "refsource": "BID", "url": "http://www.securityfocus.com/bid/39134"}, {"name": "http://support.apple.com/kb/HT3958", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3958"}, {"name": "airportbasestation-acl-security-bypass(57434)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57434"}, {"name": "39160", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39160"}, {"name": "63420", "refsource": "OSVDB", "url": "http://www.osvdb.org/63420"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-2822", "datePublished": "2010-04-05T16:00:00", "dateReserved": "2009-08-17T00:00:00", "dateUpdated": "2017-08-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:airport_utility:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2F999B5-C91C-43D2-8531-7CBB0DF86ECD", "versionEndIncluding": "5.4.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:airport_utility:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1BA856F-6D42-42AC-B975-2A7927536E50", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:airport_utility:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "6AB57FF2-5355-4206-AF27-846B3D5E2630", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:airport_utility:5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "4D4F51A7-50DC-4392-9729-359AE02BEF66", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:airport_utility:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "28375618-90B2-4A94-BDFC-D960A3237F88", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:apple:airport_base_station:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E207B64-7129-48BD-9EAE-7773ECDDBBC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "AirPort Utility before 5.5.1 for Apple AirPort Base Station does not properly distribute MAC address ACLs to network extenders, which allows remote attackers to bypass intended access restrictions via an 802.11 authentication frame."}, {"lang": "es", "value": "AirPort Utility anteriores a v5.5.1 para Apple AirPort Base Station no reparte listas de control de acceso (ACL) de direcciones MAC a los extendedores de redes, lo que permite a atacantes remotos saltarse la citadas restricciones de acceso a trav\u00e9s de un marco de autenticaci\u00f3n 802.11."}], "id": "CVE-2009-2822", "lastModified": "2017-08-17T01:30:55.380", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-04-05T16:30:00.407", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00004.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39160"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1023801"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.apple.com/kb/HT3958"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/63420"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/39134"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0778"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57434"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}