The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Wireless_lan_solution_engine | Cisco | * | 4.1.91.0 (including) |
| Wireless_control_system | Cisco | 4.1.91.0 (including) | 4.1.91.0 (including) |
References
- http://osvdb.org/37936
- http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml
- http://www.securityfocus.com/bid/26000
- http://www.securitytracker.com/id?1018797
- http://www.vupen.com/english/advisories/2007/3456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37053
- http://osvdb.org/37936
- http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml
- http://www.securityfocus.com/bid/26000
- http://www.securitytracker.com/id?1018797
- http://www.vupen.com/english/advisories/2007/3456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37053