Database Vulnerability in Cisco Wireless Control System for Linux and Windows
CVE-2006-3285

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Control System
Vendor: CVE Published:; 28 June 2006

Summary

The Cisco Wireless Control System (WCS) for both Linux and Windows versions prior to 3.2(51) contains a significant security flaw wherein it utilizes an undocumented hard-coded username and password for its internal database. This vulnerability allows remote authenticated users to access and potentially manipulate sensitive configuration data, exposing networks to potential exploitation. The issue was characterized by bugs such as CSCsd15955, underscoring the importance of secure credential management and routine system updates to protect against unauthorized access.

References

http://www.vupen.com/english/advisories/2006/2583

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/26884

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/20870

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jun 28, 2006
Vulnerability Reserved
Jun 28, 2006