CVE-2007-5382
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.
La utilidad de conversiĆ³n para converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 y versiones anteriores en Cisco Wireless Control System (WCS) crea cuentas de administrador con nombres y contraseƱas por defecto, lo cual permite a atacantes remotos obtener privilegios.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-10-11 CVE Reserved
- 2007-10-12 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/37936 | Vdb Entry | |
| http://www.securityfocus.com/bid/26000 | Vdb Entry | |
| http://www.securitytracker.com/id?1018797 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/3456 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37053 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Wireless Lan Solution Engine Search vendor "Cisco" for product "Wireless Lan Solution Engine" | <= 4.1.91.0 Search vendor "Cisco" for product "Wireless Lan Solution Engine" and version " <= 4.1.91.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wireless Control System Search vendor "Cisco" for product "Wireless Control System" | 4.1.91.0 Search vendor "Cisco" for product "Wireless Control System" and version "4.1.91.0" | - |
Affected
| ||||||