Vulnerability Description
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alcatel-Lucent | Omniaccess Wireless | 43xx |
| Aruba | Mobility Controller | 200 |
Related Weaknesses (CWE)
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052382.htmlVendor Advisory
- http://osvdb.org/33185
- http://secunia.com/advisories/24144Vendor Advisory
- http://securityreason.com/securityalert/2243
- http://www.kb.cert.org/vuls/id/613833Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/archive/1/459927/100/0/threaded
- http://www.securityfocus.com/bid/22538
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32461
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052382.htmlVendor Advisory
- http://osvdb.org/33185
- http://secunia.com/advisories/24144Vendor Advisory
- http://securityreason.com/securityalert/2243
- http://www.kb.cert.org/vuls/id/613833Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/archive/1/459927/100/0/threaded
- http://www.securityfocus.com/bid/22538
FAQ
What is CVE-2007-0932?
CVE-2007-0932 is a vulnerability with a CVSS score of 7.5 (HIGH). The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest acc...
How severe is CVE-2007-0932?
CVE-2007-0932 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0932?
Check the references section above for vendor advisories and patch information. Affected products include: Alcatel-Lucent Omniaccess Wireless, Aruba Mobility Controller.