Lucene search
MitreCVE-2006-3290HistoryJun 28, 2006 - 11:05 p.m.
CVE-2006-3290
2006-06-2823:05:00
mitre
web.nvd.nist.gov
23
cisco
wcs
http server
sensitive information
access control
cve-2006-3290
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.01
Percentile
83.3%
HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.
Affected configurations
Node
ciscowireless_control_systemRange≤3.2\(51\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | wireless_control_system | * | cpe:2.3:h:cisco:wireless_control_system:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2006-3290
2006-06-28 23:00:00
nvd
nvd
CVE-2006-3290
2006-06-28 23:05:00
cisco
cisco
Multiple Vulnerabilities in Wireless Control System
2006-06-28 16:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.01
Percentile
83.3%
Related for CVE-2006-3290