Vulnerabilities > CVE-2006-3285 - Multiple Security vulnerability in Cisco Wireless Control System 3.2(40)
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data (aka bugs CSCsd15955).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 2 |
References
- http://secunia.com/advisories/20870
- http://securitytracker.com/id?1016398
- http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml
- http://www.osvdb.org/26884
- http://www.securityfocus.com/bid/18701
- http://www.vupen.com/english/advisories/2006/2583
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27438