Cisco Wireless Control System Vulnerability for Linux and Windows
CVE-2006-3286

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Control System
Vendor: CVE Published:; 28 June 2006

Summary

The internal database in Cisco Wireless Control System (WCS) for both Linux and Windows versions prior to 3.2(63) contains hard-coded usernames and passwords stored in plaintext. This security oversight permits remote authenticated users to gain unauthorized access to the database, presenting significant risks to data integrity and confidentiality. Administrators are urged to apply updates and follow security best practices to mitigate potential exploitation.

References

http://www.vupen.com/english/advisories/2006/2583

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/20870

third-party-advisoryx_refsource_SECUNIA

http://www.cisco.com/warp/public/707/cisco-sa-20060628-wc...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jun 28, 2006
Vulnerability Reserved
Jun 28, 2006