Vulnerabilities > CVE-2015-6336 - Credentials Management vulnerability in Cisco Aironet Access Point Software

CVSS 7.3 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

cisco

CWE-255

NVD

Published: 2016-01-15

Updated: 2016-12-07

Summary

Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco Aironet Access Point Software 7.2_Base Cisco Aironet Access Point Software 7.3_Base Cisco Aironet Access Point Software 7.4_Base Cisco Aironet Access Point Software 8.1\(15.14\) Cisco Aironet Access Point Software 8.1\(112.3\) Cisco Aironet Access Point Software 8.1\(112.4\)	6
Hardware	Cisco Cisco Aironet 1830E * Cisco Aironet 1830I * Cisco Aironet 1850E * Cisco Aironet 1850I *	4

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References