{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-28T14:46:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.ruckuswireless.com/security_bulletins/304"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13915", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://support.ruckuswireless.com/security_bulletins/304", "refsource": "CONFIRM", "url": "https://support.ruckuswireless.com/security_bulletins/304"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13915", "datePublished": "2020-07-28T14:46:12", "dateReserved": "2020-06-07T00:00:00", "dateUpdated": "2020-07-28T14:46:12", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ruckuswireless:unleashed_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C3C6FE6A-B160-4C64-B900-9F5637EE2EF4", "versionEndIncluding": "200.7.10.102.92", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ruckuswireless:c110:-:*:*:*:*:*:*:*", "matchCriteriaId": "A77671DB-6197-4C8D-B667-A0081350E5AF", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:e510:-:*:*:*:*:*:*:*", "matchCriteriaId": "FBF5C92C-C889-4732-BB00-E6D55613E410", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:h320:-:*:*:*:*:*:*:*", "matchCriteriaId": "282C3A1D-711C-4415-B9BE-A9B518204AEB", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:h510:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB1FAB48-786A-4FB3-AB6D-3118E94E68C7", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:m510:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4AE7200-4090-4B81-A22F-B8553A014D21", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r310:-:*:*:*:*:*:*:*", "matchCriteriaId": "40D3129E-4C02-484F-96B6-59D76F787D21", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r320:-:*:*:*:*:*:*:*", "matchCriteriaId": "93CE3224-85D2-4039-8F24-BB503DFD42C2", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BBDBE9C-BE4B-4ED6-AF62-8FE484C519E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r510:-:*:*:*:*:*:*:*", "matchCriteriaId": "80B2E8CC-EACE-4A80-9EB1-DADAB8034415", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r600:-:*:*:*:*:*:*:*", "matchCriteriaId": "5421B1D7-E630-4BDA-BA34-7DD8D0738DF4", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r610:-:*:*:*:*:*:*:*", "matchCriteriaId": "4244947C-538E-4B83-B4F4-3DD4F3C22E83", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r710:-:*:*:*:*:*:*:*", "matchCriteriaId": "E95884E9-C6AF-4106-A178-9274AD27EF65", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r720:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDFDAF0A-9F5D-4E34-805E-6F27103AAA32", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:r750:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA49CB45-1196-4AD7-8AB6-C5593BBF015F", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t300:-:*:*:*:*:*:*:*", "matchCriteriaId": "0511674E-59A6-427C-A265-B277D84DE301", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t301n:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBB7A43E-F5F1-465A-841F-05214EDA6833", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t301s:-:*:*:*:*:*:*:*", "matchCriteriaId": "68C4D9AC-5B1C-4066-8216-3F7127C3CC64", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t310c:-:*:*:*:*:*:*:*", "matchCriteriaId": "BFB69C4E-2B4F-4F61-8A65-9BA0354F33E3", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t310d:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2D3E8C6-4676-4B74-A252-132A26670C64", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t310n:-:*:*:*:*:*:*:*", "matchCriteriaId": "2ED4C9B4-7F70-4059-8592-FD3F034160C3", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t310s:-:*:*:*:*:*:*:*", "matchCriteriaId": "72378D4B-ADB5-4DE5-BB92-1778BDFD61FC", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t610:-:*:*:*:*:*:*:*", "matchCriteriaId": "210D55AB-9305-4D0B-B9F0-47889D37373B", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t710:-:*:*:*:*:*:*:*", "matchCriteriaId": "A40B9489-D999-4355-953E-36A7F8DEF299", "vulnerable": false}, {"criteria": "cpe:2.3:h:ruckuswireless:t710s:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CFF0772-D853-4781-B326-E3BDEAC78EE0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices."}, {"lang": "es", "value": "Los permisos no seguros en emfd/libemf en Ruckus Wireless Unleashed versiones hasta 200.7.10.102.92, permiten a un atacante remoto sobrescribir las credenciales de administrador por medio de una petici\u00f3n HTTP no autenticada. Esto afecta a los dispositivos C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, y T710"}], "id": "CVE-2020-13915", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-28T15:15:11.640", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://support.ruckuswireless.com/security_bulletins/304"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}, {"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}