CVE-2006-3291: The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed…

CVE-2006-3291 [HIGH] GHSA-3j47-5x58-8672: The web interface on Cisco IOS 12 The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.

CVE-2006-3291 Access Point Web-browser Interface Vulnerability Access Point Web-browser Interface Vulnerability The Cisco web-browser interface for Cisco access points and Cisco 3200 Series Wireless Mobile Interface Card (WMIC), contains a vulnerability that could, under certain circumstances, remove the default security configuration from the managed access point and allow administrative access without validation of administrative user credentials. Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20060628-ap.

CVE-2006-3291 Access Point Web-browser Interface Vulnerability CVE-2006-3291: Access Point Web-browser Interface Vulnerability The Cisco web-browser interface for Cisco access points and Cisco 3200 Series Wireless Mobile Interface Card (WMIC), contains a vulnerability that could, under certain circumstances, remove the default security configuration from the managed access point and allow administrative access without validation of administrative user credentials. Cisco has made free software available to address this vulnerability for affected customers. There are Bug IDs: CSCsd67403, CSCsf18032, CSCsd67403