CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2010-2987
https://notcve.org/view.php?id=CVE-2010-2987
09 Aug 2010 — Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless Control System (WCS) 7.x before 7.0.164, as used in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtg33854. Multiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Cisco Wireless Control System (WCS) v7.x anterior a v7.0.164, como las usadas en Cisco Unified Wireless Network (UWN) S... • http://secunia.com/advisories/40827 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2988
https://notcve.org/view.php?id=CVE-2010-2988
09 Aug 2010 — Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0 permite a atacantes remotos inyectar código web o HTML de su elección a través de vectores sin especificar, también conocido como Bug ID CSC... • http://secunia.com/advisories/40827 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2975
https://notcve.org/view.php?id=CVE-2010-2975
09 Aug 2010 — Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544. Cisco Unified Wireless Network (UWN) Solution v7.x hasta v7.0.98.0 no maneja adecuadamente múltiples sesiones SSH, lo que permite a atacantes físicamente cercanos leer una contraseña, relacionado con un "arrow key failure". También conocido como Bug ID CSCtg51544. • http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0CVE-2010-2976
https://notcve.org/view.php?id=CVE-2010-2976
09 Aug 2010 — The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access. El controlador de Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0 tiene (1) una comunidad pública SNMP por def... • http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2977
https://notcve.org/view.php?id=CVE-2010-2977
09 Aug 2010 — Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611. Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0, no implementa adecuadamente TLS y SSL, lo que tiene un impacto no especificado y vectores de ataque remotos. También conocido como Bug ID CSCtd01611. • http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html • CWE-16: Configuration •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2978
https://notcve.org/view.php?id=CVE-2010-2978
09 Aug 2010 — Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660. Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0, no usa un algoritmo message-digest adecuado para un certificado autofirmado, lo que permite a atacantes remotos evitar resctricciones de acceso intencionadas a través... • http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-2979
https://notcve.org/view.php?id=CVE-2010-2979
09 Aug 2010 — Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508. Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0 en controladores de la serie 5508, permiten a atacantes remotos provocar una denegación de servicio (fuga de búffer y caída del dispositivo) a través de peticiones ARP que desencadenan una torment... • http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-2980
https://notcve.org/view.php?id=CVE-2010-2980
09 Aug 2010 — Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794. Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0 en controladores de la serie 5508, permiten a atacantes remotos provocar una denegación de servicio (agotamiento de pbuf y caída del dispositivo) a través de tráfico fragmentado, también conocido como Bug ID CSCt... • http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2981
https://notcve.org/view.php?id=CVE-2010-2981
09 Aug 2010 — Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370. Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0, permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) haciendo ping a un interfaz virtual, también conocido como Bug ID CSCte55370. • http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2982
https://notcve.org/view.php?id=CVE-2010-2982
09 Aug 2010 — Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. Cisco Unified Wireless Network (UWN) Solution v7.x anterior a v7.0.98.0 permite a atacantes remotos descubrir una contraseña de grupo a través de una serie de peticiones SNMP como se demostró con un "SNMP walk", también conocido como Bug ID CSCtb74037. • http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •