Wireless Control System@3.2(51) Security Vulnerabilities and Issues — Wireless Control System@3.2(51) CVE List

Lucene search

CiscoWireless Control System3.2(51)

4 matches found

CVE•added 2006/06/28 11:5 p.m.•42 views

CVE-2006-3289

Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL".

2.6CVSS5.7AI score0.00515EPSS

CVE•added 2006/06/28 11:5 p.m.•35 views

CVE-2006-3288

Unspecified vulnerability in the TFTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51), when configured to use a directory path name that contains a space character, allows remote authenticated users to read and overwrite arbitrary files via unspecified vectors.

5CVSS6.3AI score0.00831EPSS

CVE•added 2006/06/28 11:5 p.m.•33 views

CVE-2006-3290

HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.

5CVSS6.3AI score0.00542EPSS

CVE•added 2006/06/28 11:5 p.m.•29 views

CVE-2006-3286

The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database (aka bug CSCsd15951).

7.5CVSS6.8AI score0.01393EPSS