Lucene search
K

1577 matches found

NVD
NVD
added 2007/04/16 9:19 p.m.16 views

CVE-2007-2034

Unspecified vulnerability in Cisco Wireless Control System WCS before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190...

9CVSS6.5AI score0.02098EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2007/04/16 9:19 p.m.3 views

CVE-2007-2034

Unspecified vulnerability in Cisco Wireless Control System WCS before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190...

9CVSS5.6AI score0.02098EPSS
Exploits0References8
Prion
Prion
added 2007/04/16 9:19 p.m.14 views

Hardcoded credentials

Cisco Wireless Control System WCS before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014...

7.5CVSS7.5AI score0.01661EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2007/04/16 9:19 p.m.11 views

Design/Logic Flaw

Unspecified vulnerability in Cisco Wireless Control System WCS before 4.0.81.0 allows remote authenticated users to read any configuration page by changing the group membership of user accounts, aka Bug ID CSCse78596...

6.5CVSS6.6AI score0.01341EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2007/04/16 9:19 p.m.18 views

Improper access control

Cisco Wireless Control System WCS before 4.0.66.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain network organization data via a direct request for files in certain directories, aka Bug ID CSCsg04301...

7.8CVSS6.7AI score0.01743EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2007/04/16 9:0 p.m.19 views

CVE-2007-2032

Cisco Wireless Control System WCS before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014...

6.9AI score0.01661EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/04/16 9:0 p.m.18 views

CVE-2007-2034

Unspecified vulnerability in Cisco Wireless Control System WCS before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190...

6.5AI score0.02098EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/04/16 9:0 p.m.20 views

CVE-2007-2035

Cisco Wireless Control System WCS before 4.0.66.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain network organization data via a direct request for files in certain directories, aka Bug ID CSCsg04301...

6.2AI score0.01743EPSS
Exploits0References7
CVE
CVE
added 2007/04/16 9:0 p.m.44 views

CVE-2007-2033

Summary (CVE-2007-2033) : Cisco Wireless Control System (WCS) is affected by an unspecified vulnerability in versions before 4.0.81.0. The issue allows remote authenticated users to read any configuration page by changing the group membership of user accounts (Bug ID CSCse78596). The NVD entry li...

6.5CVSS6.1AI score0.01341EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2007/04/13 12:0 a.m.27 views

Cisco Wireless Control System multiple security vulnerabilities

Hardcoded unchangable FTP server account, privilege escalation thorugh group membership, information leaks...

9CVSS1.6AI score0.02098EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/04/13 12:0 a.m.38 views

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System Advisory ID: cisco-sa-20070412-wcs http://www.cisco.com/warp/public/707/cisco-sa-20070412-wcs.shtml Revision 1.0 For Public Release 2007 April 12 1600 UTC GMT -...

0.9AI score
Exploits0
Cisco
Cisco
added 2007/04/12 4:56 p.m.29 views

Cisco Wireless Control System Privilege Escalation Vulnerability

Cisco Wireless Control System WCS versions prior to 4.0.87.0 contains a vulnerability that could allow an authenticated, remote attacker to gain escalated privileges on the affected system. This vulnerability exists due to insufficient access controls on the Cisco WCS configuration page used to...

9CVSS6.5AI score0.02098EPSS
Exploits0References1
Cisco
Cisco
added 2007/04/12 4:0 p.m.26 views

Multiple Vulnerabilities in the Cisco Wireless Control System

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6.1AI score0.01743EPSS
Exploits0References1
Prion
Prion
added 2007/03/16 9:19 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in 1 PreSearch.html and 2 PreSearch.class in Cisco Secure Access Control Server ACS, VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage...

3.5CVSS6AI score0.01192EPSS
Exploits0References9Affected Software3
NVD
NVD
added 2006/06/28 11:5 p.m.19 views

CVE-2006-3287

Cisco Wireless Control System WCS for Linux and Windows 4.01 and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access aka bug CSCse21391...

7.5CVSS7.1AI score0.02632EPSS
Exploits0References7
NVD
NVD
added 2006/06/28 11:5 p.m.15 views

CVE-2006-3286

The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.263 stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database aka bug CSCsd15951...

7.5CVSS6.5AI score0.02632EPSS
Exploits0References7
NVD
NVD
added 2006/06/28 11:5 p.m.15 views

CVE-2006-3290

HTTP server in Cisco Wireless Control System WCS for Linux and Windows before 3.251 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request...

5CVSS6.2AI score0.02314EPSS
Exploits0References7
Cvelist
Cvelist
added 2006/06/28 11:0 p.m.18 views

CVE-2006-3286

The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.263 stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database aka bug CSCsd15951...

6.5AI score0.02632EPSS
Exploits0References7
CVE
CVE
added 2006/06/28 11:0 p.m.40 views

CVE-2006-3286

The CVE-2006-3286 entry concerns Cisco Wireless Control System (WCS) for Linux and Windows prior to 3.2(63). The vulnerability arises from a hard-coded username and password stored in plaintext in unspecified files within the WCS database, enabling remote authenticated users to access the databas...

7.5CVSS6.8AI score0.02632EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/06/28 11:0 p.m.29 views

CVE-2006-3289

Cross-site scripting XSS vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System WCS for Linux and Windows before 3.251 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL"...

5.7AI score0.01992EPSS
Exploits0References7
Rows per page
Query Builder