CVE-2023-49225

Summary

A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section.

Affected Software

VendorProductVersion RangeStatus
CommScope, Inc.ZoneDirector10.5.1 and earlieraffected
CommScope, Inc.SmartZone6.1.1 and earlieraffected
CommScope, Inc.AP Solo R750114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo R650114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo R730114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T750114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo R550114.0.0.0.5585 and earlieraffected
CommScope, Inc.AP Solo R850114.0.0.0.5585 and earlieraffected
CommScope, Inc.AP Solo T750SE114.0.0.0.5585 and earlieraffected
CommScope, Inc.AP Solo R510114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T310D114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo E510114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo C110114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo R320114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo H510114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo H320114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T310S114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T310N114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T310C114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T305114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo M510114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo R720114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo R710114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T710114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T710s114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T610114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo T610s114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo R610114.0.0.0.6565 and earlieraffected
CommScope, Inc.AP Solo R310110.0.0.0.2014 and earlieraffected
CommScope, Inc.AP Solo R760118.1.0.0.1274 and earlieraffected
CommScope, Inc.AP Solo R560118.1.0.0.1908 and earlieraffected
CommScope, Inc.AP Solo H550116.0.0.0.1506 and earlieraffected
CommScope, Inc.AP Solo H350116.0.0.0.3128 and earlieraffected
CommScope, Inc.AP Solo T350c116.0.0.0.1543 and earlieraffected
CommScope, Inc.AP Solo T350d116.0.0.0.1543 and earlieraffected
CommScope, Inc.AP Solo T350se116.0.0.0.3136 and earlieraffected
CommScope, Inc.AP Solo R350116.0.0.0.1655 and earlieraffected

Weaknesses

  • Cross-site scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References