Executive Summary
Summary | |
---|---|
Title | Access Point Web-browser Interface Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20060628-ap | First vendor Publication | 2006-06-26 |
Vendor | Cisco | Last vendor Modification | 2006-09-20 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Cisco web-browser interface for Cisco access points contains a vulnerability that could, under certain circumstances, remove the default security configuration from the managed access point and allow administrative access without validation of administrative user credentials. |
Original Source
Url : http://www.cisco.com/warp/public/707/cisco-sa-20060628-ap.shtml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-16 | Configuration |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 2 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
26878 | Cisco Wireless Access Point Local User List Only Configuration Weakness Authe... Cisco Wireless Access Point contains a flaw that may allow a malicious user to gain unauthorized administrative access. The issue is triggered when the 'Local User List Only' mode is turned on, which removes all security and password configurations. It is possible that the flaw may allow remote users to access the system resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20060628-aphttp.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 10:21:50 |
|