Executive Summary

Summary
Title Default Password in Wireless Location Appliance
Informations
Name cisco-sa-20061012-wla First vendor Publication 2006-10-09
Vendor Cisco Last vendor Modification 2006-10-12
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The Cisco Wireless Location Appliance software contains a default password for the 'root' administrative account. A user who logs in using this username has complete control of the device.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20061012-wla.shtml

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware 1

Open Source Vulnerability Database (OSVDB)

Id Description
30913 Cisco 2700 Wireless Location Appliance Default root Account Password

By default, Wireless Location Appliance installs with a default password. The 'root' account has a password of 'password' which is publicly known and documented. This allows attackers to trivially access the program or system.

Nessus® Vulnerability Scanner

Date Description
2008-04-11 Name : An administrative account on the remote host uses known default password.
File : account_root_dottie.nasl - Type : ACT_GATHER_INFO
2007-03-01 Name : An administrative account on the remote host uses a weak password.
File : account_root_password.nasl - Type : ACT_GATHER_INFO