CVE-2006-3290

2006-06-2823:00:00

mitre

www.cve.org

AI Score

6.2

Confidence

Low

EPSS

0.01

Percentile

83.3%

JSON

HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.

References

secunia.com/advisories/20870

securitytracker.com/id?1016398

www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml

www.osvdb.org/26879

www.securityfocus.com/bid/18701

www.vupen.com/english/advisories/2006/2583

exchange.xforce.ibmcloud.com/vulnerabilities/27442