Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-2822


AirPort Utility before 5.5.1 for Apple AirPort Base Station does not properly distribute MAC address ACLs to network extenders, which allows remote attackers to bypass intended access restrictions via an 802.11 authentication frame.


Published

2010-04-05T16:30:00.407

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-264

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application apple airport_utility ≤ 5.4.2 Yes
Application apple airport_utility 5.0 Yes
Application apple airport_utility 5.3.1 Yes
Application apple airport_utility 5.3.2 Yes
Application apple airport_utility 5.4.1 Yes
Hardware apple airport_base_station * No

References