5
CVE-2006-3290
- EPSS 2.31%
- Veröffentlicht 28.06.2006 23:05:00
- Zuletzt bearbeitet 16.06.2026 22:26:46
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Wireless Control System Version <= 3.2\(51\)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.31% | 0.812 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/20870
http://securitytracker.com/id?1016398
http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml
http://www.securityfocus.com/bid/18701
http://www.vupen.com/english/advisories/2006/2583
http://www.osvdb.org/26879
https://exchange.xforce.ibmcloud.com/vulnerabilities/27442