This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2007-04-16
Product Wireless Control System Last view 2007-04-16
Version 4.0.95 Type Hardware
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:h:cisco:wireless_control_system

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2007-04-16 CVE-2007-2035

Cisco Wireless Control System (WCS) before 4.0.66.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain network organization data via a direct request for files in certain directories, aka Bug ID CSCsg04301.
9 2007-04-16 CVE-2007-2034

Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190.
6.5 2007-04-16 CVE-2007-2033

Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.81.0 allows remote authenticated users to read any configuration page by changing the group membership of user accounts, aka Bug ID CSCse78596.
7.5 2007-04-16 CVE-2007-2032

Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014.

Open Source Vulnerability Database (OSVDB)

id Description
34132 Cisco Wireless Control System (WCS) Persistent FTP Backup Credentials
34131 Cisco Wireless Control System (WCS) Direct Request Arbitrary File Access
34130 Cisco Wireless Control System (WCS) Unspecified Remote Privilege Escalation
34129 Cisco Wireless Control System (WCS) Arbitrary Config Page Access