CVE-2007-2040 — MEDIUM (6.2)

Q: How severe is CVE-2007-2040?

CVE-2007-2040 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2007-2040?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Controller Software, Cisco Aironet 1000-Series, Cisco Aironet 1500-Series.

Vulnerability Description

Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192.

CVSS Score

6.2

MEDIUM

AV:L/AC:H/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Wireless Lan Controller Software	>= 3.2, < 3.2.185.0
Cisco	Aironet 1000-Series	-
Cisco	Aironet 1500-Series	-

References

http://securitytracker.com/id?1017908Third Party AdvisoryVDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtmlPatchVendor Advisory
http://www.osvdb.org/34133Broken Link
http://www.securityfocus.com/bid/23461Third Party AdvisoryVDB Entry
http://www.vupen.com/english/advisories/2007/1368Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/33610Third Party AdvisoryVDB Entry
http://securitytracker.com/id?1017908Third Party AdvisoryVDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtmlPatchVendor Advisory
http://www.osvdb.org/34133Broken Link
http://www.securityfocus.com/bid/23461Third Party AdvisoryVDB Entry
http://www.vupen.com/english/advisories/2007/1368Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/33610Third Party AdvisoryVDB Entry

FAQ

What is CVE-2007-2040?

CVE-2007-2040 is a vulnerability with a CVSS score of 6.2 (MEDIUM). Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arb...

How severe is CVE-2007-2040?

CVE-2007-2040 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-2040?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Controller Software, Cisco Aironet 1000-Series, Cisco Aironet 1500-Series.