{"api_version":"1","generated_at":"2026-04-23T11:32:30+00:00","cve":"CVE-2007-5382","urls":{"html":"https://cve.report/CVE-2007-5382","api":"https://cve.report/api/cve/CVE-2007-5382.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-5382","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-5382"},"summary":{"title":"CVE-2007-5382","description":"The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-10-12 01:17:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.vupen.com/english/advisories/2007/3456","name":"http://www.vupen.com/english/advisories/2007/3456","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/37936","name":"http://osvdb.org/37936","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37053","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37053","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml","name":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password - Cisco Systems","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1018797","name":"http://www.securitytracker.com/id?1018797","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco Wireless Control System Conversion Utility Sets Default Administrative Accounts and Passwords - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/26000","name":"http://www.securityfocus.com/bid/26000","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco Wireless Control System Insecure Password Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-5382","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5382","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"5382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"wireless_control_system","cpe6":"4.1.91.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5382","vulnerable":"1","versionEndIncluding":"4.1.91.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"wireless_lan_solution_engine","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:31:58.818Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"ADV-2007-3456","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/3456"},{"name":"20071010 Cisco Wireless Control System Conversion Utility Adds Default Password","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml"},{"name":"1018797","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1018797"},{"name":"26000","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/26000"},{"name":"ciscowcs-default-password-admin-account(37053)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37053"},{"name":"37936","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/37936"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-10-10T00:00:00.000Z","descriptions":[{"lang":"en","value":"The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"ADV-2007-3456","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/3456"},{"name":"20071010 Cisco Wireless Control System Conversion Utility Adds Default Password","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml"},{"name":"1018797","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1018797"},{"name":"26000","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/26000"},{"name":"ciscowcs-default-password-admin-account(37053)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37053"},{"name":"37936","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/37936"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-5382","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"ADV-2007-3456","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3456"},{"name":"20071010 Cisco Wireless Control System Conversion Utility Adds Default Password","refsource":"CISCO","url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml"},{"name":"1018797","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018797"},{"name":"26000","refsource":"BID","url":"http://www.securityfocus.com/bid/26000"},{"name":"ciscowcs-default-password-admin-account(37053)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37053"},{"name":"37936","refsource":"OSVDB","url":"http://osvdb.org/37936"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-5382","datePublished":"2007-10-12T01:00:00.000Z","dateReserved":"2007-10-11T00:00:00.000Z","dateUpdated":"2024-08-07T15:31:58.818Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-10-12 01:17:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:wireless_lan_solution_engine:*:*:*:*:*:*:*:*","versionEndIncluding":"4.1.91.0","matchCriteriaId":"ACDCDB67-42FF-40D3-A308-04431B309496"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:wireless_control_system:4.1.91.0:*:*:*:*:*:*:*","matchCriteriaId":"3AA636D6-3DFB-45FD-BCC4-844C33523DE0"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"5382","Ordinal":"1","Title":"CVE-2007-5382","CVE":"CVE-2007-5382","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"5382","Ordinal":"1","NoteData":"The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.","Type":"Description","Title":"CVE-2007-5382"},{"CveYear":"2007","CveId":"5382","Ordinal":"2","NoteData":"2007-10-11","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"5382","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}