Vulnerability Description
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database (aka bug CSCsd15951).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wireless Control System | <= 3.2\(51\) |
References
- http://secunia.com/advisories/20870
- http://securitytracker.com/id?1016398
- http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtmlPatch
- http://www.osvdb.org/26883
- http://www.securityfocus.com/bid/18701
- http://www.vupen.com/english/advisories/2006/2583
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27438
- http://secunia.com/advisories/20870
- http://securitytracker.com/id?1016398
- http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtmlPatch
- http://www.osvdb.org/26883
- http://www.securityfocus.com/bid/18701
- http://www.vupen.com/english/advisories/2006/2583
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27438
FAQ
What is CVE-2006-3286?
CVE-2006-3286 is a vulnerability with a CVSS score of 7.5 (HIGH). The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote a...
How severe is CVE-2006-3286?
CVE-2006-3286 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3286?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Control System.