CVE-2007-5382

CWE-2644 documents4 sources

Severity

10.0CRITICAL

EPSS

2.4%

top 15.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Wireless LAN Solution Engine Cisco Wireless Control System

Timeline

PublishedOct 12

Latest updateMay 1

Description

The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDcisco/wireless_lan_solution_engine4.1.91.0

▶NVDcisco/wireless_control_system4.1.91.0

🔴Vulnerability Details

GHSA

GHSA-r65m-p5h5-gwg7: The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4↗2022-05-01

▶

CVEList

CVE-2007-5382: The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4↗2007-10-12

▶

📋Vendor Advisories

Cisco

Cisco Wireless Control System Conversion Utility Adds Default Password↗2007-10-10

▶