CVE-2007-2034 - Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authe

CVE-2007-2034

Summary

Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190.

References

Vulnerable Configurations

cpe:2.3:h:cisco:wireless_control_system:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:3.2\(40\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:3.2\(40\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:3.2\(51\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:3.2\(51\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:4.0:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:4.0:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:4.0\(1\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:4.0\(1\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:4.0.95:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wireless_control_system:4.0.95:*:*:*:*:*:*:*

CVSS

Base:	9.0 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:C/I:C/A:C

refmap via4

bid	23460
cisco	20070412 Multiple Vulnerabilities in the Cisco Wireless Control System
osvdb	34130
sectrack	1017907
secunia	24865
vupen	ADV-2007-1367
xf	cisco-wcs-account-privilege-escalation(33612)

Last major update

29-07-2017 - 01:31

Published

16-04-2007 - 21:19

Last modified

29-07-2017 - 01:31