CVE-2007-2040

Severity Score

6.2

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192.

Cisco Aironet 1000 Series y 1500 Series Lightweight Access Points anteriores a 3.2.185.0, y 4.0.x anteriores a 4.0.206.0, tienen una contraseña fija en el código, lo cual permite a atacantes con acceso físico realizar acciones de su elección en el dispositivo, también conocido como Bug ID CSCsg15192.

*Credits: N/A

CVSS Scores

NISTv2 6.2

Attack Vector

Local

Attack Complexity

High

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-04-16 CVE Reserved
2007-04-16 CVE Published
2023-12-04 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
http://securitytracker.com/id?1017908	Third Party Advisory
http://www.osvdb.org/34133	Broken Link
http://www.securityfocus.com/bid/23461	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33610	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtml	2019-08-14

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software"	>= 3.2 < 3.2.185.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " >= 3.2 < 3.2.185.0"	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1000-series Search vendor "Cisco" for product "Aironet 1000-series"	-	-	Safe
Cisco Search vendor "Cisco"	Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software"	>= 3.2 < 3.2.185.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " >= 3.2 < 3.2.185.0"	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1500-series Search vendor "Cisco" for product "Aironet 1500-series"	-	-	Safe
Cisco Search vendor "Cisco"	Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software"	>= 4.0 < 4.0.206.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " >= 4.0 < 4.0.206.0"	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1000-series Search vendor "Cisco" for product "Aironet 1000-series"	-	-	Safe
Cisco Search vendor "Cisco"	Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software"	>= 4.0 < 4.0.206.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " >= 4.0 < 4.0.206.0"	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1500-series Search vendor "Cisco" for product "Aironet 1500-series"	-	-	Safe