Information Disclosure Vulnerability in Cisco Wireless Control System
CVE-2007-2035

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Control System
Vendor: CVE Published:; 16 April 2007

Summary

The Cisco Wireless Control System (WCS) prior to version 4.0.66.0 contains a security flaw that allows unauthorized users to access sensitive network organization data. This is caused by the system's improper access control, resulting in sensitive information being stored under the web root. Attackers can exploit this vulnerability by sending direct requests to specific directories, thereby gaining unauthorized insights into the network configuration.

References

http://www.cisco.com/warp/public/707/cisco-sa-20070412-wc...

vendor-advisoryx_refsource_CISCO

http://www.vupen.com/english/advisories/2007/1367

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1017907

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Apr 16, 2007
Vulnerability Reserved
Apr 16, 2007