CVE-2005-3253

Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication.

Published: 2005-12-16 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]

NVD Status：Modified，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2005-3253 is rated Moderate Risk (56.9/100): CVSS High severity, with medium exploitation likelihood (EPSS 1.01%). Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2005-3253

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-03-17	0.62%	1.01%	+0.40%
2	2024-12-17	0.69%	0.62%	-0.08%
3	2024-11-22	—	0.69%	—

Full EPSS history (7 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2005-3253

CVSS metrics for this CVE.

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
7.5	2.0	HIGH	`AV:N/AC:L/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	10.0	6.4	[email protected]

Weakness enumeration for CVE-2005-3253

Affected software / configurations for CVE-2005-3253

Vendor	Product	Version	Raw CPE
avaya	wireless_ap-3	2.5	cpe:2.3:a:avaya:wireless_ap-3:2.5:::::::*
avaya	wireless_ap-3	2.5.4	cpe:2.3:a:avaya:wireless_ap-3:2.5.4:::::::*
avaya	wireless_ap-4	2.5	cpe:2.3:a:avaya:wireless_ap-4:2.5:::::::*
avaya	wireless_ap-4	2.5.4	cpe:2.3:a:avaya:wireless_ap-4:2.5.4:::::::*
avaya	wireless_ap-5	2.5	cpe:2.3:a:avaya:wireless_ap-5:2.5:::::::*
avaya	wireless_ap-5	2.5.4	cpe:2.3:a:avaya:wireless_ap-5:2.5.4:::::::*
avaya	wireless_ap-6	2.5	cpe:2.3:a:avaya:wireless_ap-6:2.5:::::::*
avaya	wireless_ap-6	2.5.4	cpe:2.3:a:avaya:wireless_ap-6:2.5.4:::::::*
avaya	wireless_ap-7	2.5	cpe:2.3:a:avaya:wireless_ap-7:2.5:::::::*
avaya	wireless_ap-8	2.5	cpe:2.3:a:avaya:wireless_ap-8:2.5:::::::*
proxim	ap-2000	2.5.4	cpe:2.3:h:proxim:ap-2000:2.5.4:::::::*
proxim	ap-4000	2.4.12	cpe:2.3:h:proxim:ap-4000:2.4.12:::::::*
proxim	ap-4000	3.0	cpe:2.3:h:proxim:ap-4000:3.0:::::::*
proxim	ap-600	2.5.4	cpe:2.3:h:proxim:ap-600:2.5.4:::::::*
proxim	ap-700	2.4.12	cpe:2.3:h:proxim:ap-700:2.4.12:::::::*
proxim	ap-700	3.0	cpe:2.3:h:proxim:ap-700:3.0:::::::*

References for CVE-2005-3253

URL	Tags
http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf
http://secunia.com/advisories/18047	Patch Vendor Advisory
http://secunia.com/advisories/18057
http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf	Patch Vendor Advisory
http://www.osvdb.org/22091
http://www.vupen.com/english/advisories/2005/2931

cvelogic Threat Intelligence