CVE-2007-5382
Summary
| CVE | CVE-2007-5382 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-10-12 01:17:00 UTC |
| Updated | 2017-07-29 01:33:00 UTC |
| Description | The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Wireless Control System | 4.1.91.0 | All | All | All |
| Hardware | Cisco | Wireless Control System | 4.1.91.0 | All | All | All |
| Application | Cisco | Wireless Lan Solution Engine | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Cisco Wireless Control System Conversion Utility Sets Default Administrative Accounts and Passwords - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password - Cisco Systems | CISCO | www.cisco.com | |
| Cisco Wireless Control System Insecure Password Vulnerability | BID | www.securityfocus.com | |
| 37936 | OSVDB | osvdb.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.