CVEブラウザに戻る

CVE-2007-5382

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0190%

EPSS Percentile23.72th

Published2007年10月12日

Last Modified2026年4月23日

Vulnerability Description

The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.

Affected Platforms (CPE)

📦

Cisco

Wireless Lan Solution Engine

<= 4.1.91.0

🔌

Cisco

Wireless Control System

= 4.1.91.0

References & Advisories

🔗 http://osvdb.org/37936

🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml

🔗 http://www.securityfocus.com/bid/26000

🔗 http://www.securitytracker.com/id?1018797

🔗 http://www.vupen.com/english/advisories/2007/3456

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/37053

🔗 http://osvdb.org/37936

🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml

関連する脆弱性情報

CVE-2004-039110.0

Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded use...

CVE-2006-19617.5

Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registra...

CVE-2006-19605.8

Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLS...

CVE-2007-14673.5

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control S...