Vulnerability Description
The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wireless Lan Solution Engine | <= 4.1.91.0 |
| Cisco | Wireless Control System | 4.1.91.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/37936
- http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.s
- http://www.securityfocus.com/bid/26000
- http://www.securitytracker.com/id?1018797
- http://www.vupen.com/english/advisories/2007/3456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37053
- http://osvdb.org/37936
- http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.s
- http://www.securityfocus.com/bid/26000
- http://www.securitytracker.com/id?1018797
- http://www.vupen.com/english/advisories/2007/3456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37053
FAQ
What is CVE-2007-5382?
CVE-2007-5382 is a vulnerability with a CVSS score of 10.0 (HIGH). The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames a...
How severe is CVE-2007-5382?
CVE-2007-5382 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5382?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wireless Lan Solution Engine, Cisco Wireless Control System.