CVE-2007-2036 — Cisco Wireless LAN Controller Software vulnerability

CWE-264 CWE-3994 documents4 sources

Severity

10.0CRITICALNVD

EPSS

2.4%

top 14.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Wireless LAN Controller Software

Timeline

PublishedApr 16

Latest updateMay 1

Description

The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/wireless_lan_controller_software4.1

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-vv79-p5p7-73ch: The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-w↗2022-05-01

▶

CVEList

CVE-2007-2036: The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-w↗2007-04-16

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points↗2007-04-12

▶