Lucene search
K
CiscoWireless Control System

13 matches found

CVE
CVE
added 2007/03/16 9:0 p.m.68 views

CVE-2007-1467

The CVE-2007-1467 entry describes multiple cross-site scripting (XSS) vulnerabilities affecting Cisco Secure Access Control Server and related Cisco products. The root issue is insufficient input filtering in the search form used by PreSearch.html and PreSearch.class, allowing remote attackers to...

3.5CVSS5.7AI score0.01192EPSS
CVE
CVE
added 2007/10/12 1:0 a.m.61 views

CVE-2007-5382

The CVE-2007-5382 entry concerns the CiscoWorks WLSE conversion utility (versions 4.1.91.0 and earlier) that converts to Cisco WCS. The underlying issue is that the conversion process creates administrator accounts with default usernames and passwords, enabling remote attackers to gain privileges...

10CVSS7AI score0.02566EPSS
CVE
CVE
added 2013/09/06 10:0 a.m.55 views

CVE-2012-5990

CVE-2012-5990 describes reflected XSS in the Health Monitor login pages of Cisco Prime NCS/WCS. Affected component: Health Monitor Login pages. Root cause: input validation error leading to reflection of HTML/script (CWE-79). Impact stated: attacker can execute arbitrary script in the user’s brow...

4.3CVSS5.8AI score0.01531EPSS
CVE
CVE
added 2006/06/28 11:0 p.m.54 views

CVE-2006-3289

CVE-2006-3289 denotes a cross-site scripting (XSS) vulnerability in the login page of Cisco Wireless Control System (WCS) HTTP interface for Linux and Windows, affected in versions prior to 3.2(51). The issue allows remote attackers to inject arbitrary web script or HTML via vectors involving a m...

2.6CVSS5.7AI score0.01992EPSS
CVE
CVE
added 2007/04/16 9:0 p.m.53 views

CVE-2007-2032

Cisco Wireless Control System (WCS) prior to 4.0.96.0 contains a hard-coded FTP username and password used for backup operations. This credential flaw can allow remote attackers to read and modify arbitrary files via unspecified vectors related to the FTP server’s properties (Bug CSCse93014). The...

7.5CVSS6.9AI score0.01661EPSS
CVE
CVE
added 2006/06/28 10:0 p.m.50 views

CVE-2006-3285

The CVE-2006-3285 entry concerns Cisco Wireless Control System (WCS) prior to version 3.2(51). The internal database uses an undocumented, hard-coded username and password, enabling remote authenticated users to read and potentially modify sensitive configuration data (CSCsd15955). Connected docu...

7.5CVSS6.4AI score0.02632EPSS
CVE
CVE
added 2006/06/28 11:0 p.m.50 views

CVE-2006-3288

CVE-2006-3288 affects Cisco Wireless Control System (WCS) TFTP server on Linux/Windows. The vulnerability arises when the configured directory path name contains a space character, allowing remote authenticated users to read and overwrite arbitrary files via unspecified vectors. Affected versions...

5CVSS6.3AI score0.02297EPSS
CVE
CVE
added 2007/04/16 9:0 p.m.44 views

CVE-2007-2033

Summary (CVE-2007-2033) : Cisco Wireless Control System (WCS) is affected by an unspecified vulnerability in versions before 4.0.81.0. The issue allows remote authenticated users to read any configuration page by changing the group membership of user accounts (Bug ID CSCse78596). The NVD entry li...

6.5CVSS6.1AI score0.01341EPSS
CVE
CVE
added 2007/04/16 9:0 p.m.44 views

CVE-2007-2034

Cisco Wireless Control System (WCS) prior to 4.0.87.0 contains a privilege-escalation flaw that, when authenticated to WCS, allows a remote attacker to add their account to the SuperUsers group via the configuration page due to insufficient access controls. Impacted component: WCS application and...

9CVSS6.5AI score0.02098EPSS
CVE
CVE
added 2006/06/28 11:0 p.m.43 views

CVE-2006-3290

Cisco WCS on Linux/Windows prior to 3.2(51) stores sensitive information under the web root with insufficient access control, enabling remote retrieval of usernames and directory paths via a direct URL. Affected product: Cisco Wireless Control System (WCS). Root cause: improper access control ove...

5CVSS6.3AI score0.02314EPSS
CVE
CVE
added 2007/04/16 9:0 p.m.43 views

CVE-2007-2035

Cisco Wireless Control System (WCS) before 4.0.66.0 stores sensitive information under the web root with insufficient access control, allowing remote attackers to obtain network organization data by direct requests to files in certain directories. This summary is based on the primary CVE-2007-203...

7.8CVSS6.2AI score0.01743EPSS
CVE
CVE
added 2006/06/28 11:0 p.m.42 views

CVE-2006-3287

Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier is affected by a credential disclosure issue due to a default administrator username "root" and password "public," which allows remote attackers to gain access. This exposes partial confidentiality, integrity, and availa...

7.5CVSS7.1AI score0.02632EPSS
CVE
CVE
added 2006/06/28 11:0 p.m.40 views

CVE-2006-3286

The CVE-2006-3286 entry concerns Cisco Wireless Control System (WCS) for Linux and Windows prior to 3.2(63). The vulnerability arises from a hard-coded username and password stored in plaintext in unspecified files within the WCS database, enabling remote authenticated users to access the databas...

7.5CVSS6.8AI score0.02632EPSS