4 matches found
CVE-2010-2826
Cisco WCS 6.0.x is affected by a SQL injection vulnerability (CVE-2010-2826) in the ORDER BY clause of the Client List screens. The issue allows an authenticated remote attacker to modify system configuration and potentially affect managed devices. The vulnerability is fixed in WCS 6.0.196.0. No ...
CVE-2010-2987
CVE-2010-2987 describes multiple reflected XSS vulnerabilities in Cisco Wireless Control System (WCS) 7.x up to 7.0.163/164, used with Cisco Unified Wireless Network (UWN) Solution 7.x up to 7.0.98.0. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-2986
The CVE-2010-2986 entry concerns Cisco Wireless Control System (WCS) Web UI. A XSS flaw exists in webacs/QuickSearchAction.do within the search feature, allowing remote attackers to inject arbitrary web script or HTML via the searchText parameter. Affected versions include WCS prior to 6.0(194.0)...
CVE-2011-4014
CVE-2011-4014 affects Cisco Wireless Control System (WCS) 7.0, via the TAC Case Attachment tool. The vulnerability allows remote authenticated users to read arbitrary files under webnms/Temp/ through unspecified vectors (Bug ID CSCtq86807). The available sources (NVD entry and Cisco notes) confir...