Cisco Wireless Control System Multiple Vulnerabilities
BID:23460
Info
Cisco Wireless Control System Multiple Vulnerabilities
| Bugtraq ID: | 23460 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-2033 CVE-2007-2034 CVE-2007-2035 CVE-2007-2032 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 12 2007 12:00AM |
| Updated: | Jul 06 2016 02:39PM |
| Credit: | The vendor disclosed these issues. |
| Vulnerable: |
Cisco Wireless Control System Software 4.0.95 Cisco Wireless Control System Software 4.0 |
| Not Vulnerable: |
Cisco Wireless Control System Software 4.0.96 |
Discussion
Cisco Wireless Control System Multiple Vulnerabilities
Cisco Wireless Control System is prone to multiple vulnerabilities, including an unauthorized-access issue, a privilege-escalation issue, and an information-disclosure issue.
An attacker can exploit these issues to obtain sensitive information, gain unauthorized access, and elevate privileges, which will compromise affected devices and aid in further attacks.
Versions prior to 4.0.96.0 are vulnerable.
These issues are being tracked by Cisco Bug IDs:
CSCse93014
CSCse78596
CSCsg05190
CSCsg04301
Cisco Wireless Control System is prone to multiple vulnerabilities, including an unauthorized-access issue, a privilege-escalation issue, and an information-disclosure issue.
An attacker can exploit these issues to obtain sensitive information, gain unauthorized access, and elevate privileges, which will compromise affected devices and aid in further attacks.
Versions prior to 4.0.96.0 are vulnerable.
These issues are being tracked by Cisco Bug IDs:
CSCse93014
CSCse78596
CSCsg05190
CSCsg04301
Exploit / POC
Cisco Wireless Control System Multiple Vulnerabilities
An attacker can exploit these issues by using readily available network tools or just a browser.
An attacker can exploit these issues by using readily available network tools or just a browser.
Solution / Fix
Cisco Wireless Control System Multiple Vulnerabilities
Solution:
The vendor has released version 4.0.96.0 to address these issues. Please see the referenced advisory for more information.
Solution:
The vendor has released version 4.0.96.0 to address these issues. Please see the referenced advisory for more information.
References
Cisco Wireless Control System Multiple Vulnerabilities
References:
References: