Cisco Wireless Control System 4.0

CPE Details

Cisco Wireless Control System 4.0
cisco
wireless_control_system
4.0
2007-08-23
19h16 +00:00
2008-04-01
12h41 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:h:cisco:wireless_control_system:4.0:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

wireless_control_system

Version

4.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2012-5990 2013-09-06 10h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud18375.
4.3
CVE-2007-2032 2007-04-16 19h00 +00:00 Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014.
7.5
CVE-2007-2033 2007-04-16 19h00 +00:00 Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.81.0 allows remote authenticated users to read any configuration page by changing the group membership of user accounts, aka Bug ID CSCse78596.
6.5
CVE-2007-2034 2007-04-16 19h00 +00:00 Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190.
9
CVE-2007-2035 2007-04-16 19h00 +00:00 Cisco Wireless Control System (WCS) before 4.0.66.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain network organization data via a direct request for files in certain directories, aka Bug ID CSCsg04301.
7.8
CVE-2007-1467 2007-03-16 20h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.
3.5
CVE-2006-3287 2006-06-28 21h00 +00:00 Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access (aka bug CSCse21391).
7.5
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.