CVE-2018-11036: Infoleak
First published: Thu May 31 2018(Updated: )
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ruckus Wireless VSZ | =3.5.0 | |
| Ruckus Wireless VSZ | =3.5.1 | |
| Ruckus Wireless VSZ | =3.6.0 | |
| Ruckus Wireless VSZ | =3.6.1 | |
| Ruckus Wireless VSZ | ||
| ruckuswireless SCG-200 | =3.5.0 | |
| ruckuswireless SCG-200 | =3.5.1 | |
| ruckuswireless SCG-200 | =3.6.0 | |
| ruckuswireless SCG-200 | =3.6.1 | |
| Ruckus Wireless SCG-200 firmware | ||
| Ruckus Wireless SZ-300 Firmware | =3.5.0 | |
| Ruckus Wireless SZ-300 Firmware | =3.5.1 | |
| Ruckus Wireless SZ-300 Firmware | =3.6.0 | |
| Ruckus Wireless SZ-300 Firmware | =3.6.1 | |
| Ruckus Wireless SZ-300 Firmware | ||
| Ruckus Wireless SZ-100 Firmware | =3.5.0 | |
| Ruckus Wireless SZ-100 Firmware | =3.5.1 | |
| Ruckus Wireless SZ-100 Firmware | =3.6.0 | |
| Ruckus Wireless SZ-100 Firmware | =3.6.1 | |
| Ruckus Wireless SZ-100 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-11036?
CVE-2018-11036 has a medium severity level due to the potential for sensitive information disclosure and data modification.
Which versions are affected by CVE-2018-11036?
CVE-2018-11036 affects Ruckus SmartZone versions 3.5.0, 3.5.1, 3.6.0, and 3.6.1, as well as related firmware for SZ-100, SZ-300, and SCG-200 devices.
How do I fix CVE-2018-11036?
To fix CVE-2018-11036, you should upgrade Ruckus SmartZone to version 3.6.2 or later.
What type of vulnerability is CVE-2018-11036?
CVE-2018-11036 is classified as an information disclosure and data modification vulnerability.
Who is affected by CVE-2018-11036?
Organizations using Ruckus SmartZone firmware versions 3.5.0 through 3.6.1 are vulnerable to CVE-2018-11036.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ruckuswireless
- canonical/ruckus wireless vsz
- version/ruckus wireless vsz/3.5.0
- version/ruckus wireless vsz/3.5.1
- version/ruckus wireless vsz/3.6.0
- version/ruckus wireless vsz/3.6.1
- canonical/ruckuswireless scg-200
- version/ruckuswireless scg-200/3.5.0
- version/ruckuswireless scg-200/3.5.1
- version/ruckuswireless scg-200/3.6.0
- version/ruckuswireless scg-200/3.6.1
- canonical/ruckus wireless scg-200 firmware
- canonical/ruckus wireless sz-300 firmware
- version/ruckus wireless sz-300 firmware/3.5.0
- version/ruckus wireless sz-300 firmware/3.5.1
- version/ruckus wireless sz-300 firmware/3.6.0
- version/ruckus wireless sz-300 firmware/3.6.1
- canonical/ruckus wireless sz-100 firmware
- version/ruckus wireless sz-100 firmware/3.5.0
- version/ruckus wireless sz-100 firmware/3.5.1
- version/ruckus wireless sz-100 firmware/3.6.0
- version/ruckus wireless sz-100 firmware/3.6.1