| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-3290 | 5.0 |
HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a dire
|
20-07-2017 - 01:32 | 28-06-2006 - 23:05 | |
| CVE-2006-3285 | 7.5 |
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration da
|
20-07-2017 - 01:32 | 28-06-2006 - 22:05 | |
| CVE-2006-3288 | 5.0 |
Unspecified vulnerability in the TFTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51), when configured to use a directory path name that contains a space character, allows remote authenticated users to read and over
|
20-07-2017 - 01:32 | 28-06-2006 - 23:05 | |
| CVE-2006-3286 | 7.5 |
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database (aka bug
|
20-07-2017 - 01:32 | 28-06-2006 - 23:05 | |
| CVE-2006-3289 | 2.6 |
Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors i
|
20-07-2017 - 01:32 | 28-06-2006 - 23:05 | |
| CVE-2006-3287 | 7.5 |
Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access (aka bug CSCse21391).
|
20-07-2017 - 01:32 | 28-06-2006 - 23:05 |