Description
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data (aka bugs CSCsd15955).
Affected products
- Cisco / wireless_control_system3.2\(40\)
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/2583
- MISChttp://www.osvdb.org/26884
- VENDOR_ADVISORYhttp://secunia.com/advisories/20870
- VENDOR_ADVISORYhttp://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml
- MISChttp://securitytracker.com/id?1016398
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/27438
- MISChttp://www.securityfocus.com/bid/18701