Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3285

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3285
Last Modified 07 Mar 2011 09:38:16
Published 28 Jun 2006 06:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3285

Summary

The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data (aka bugs CSCsd15955).

Vulnerable Systems


References

CISCO - 20060628 Multiple Vulnerabilities in Wireless Control System

VUPEN - ADV-2006-2583

BID - 18701

XF - cisco-wcs-default-database-account(27438)

OSVDB - 26884

SECTRACK - 1016398

SECUNIA - 20870


Last Updated: 27 May 2016 10:42:57