CVE-2006-3291

Sažetak

The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.

Reference

http://secunia.com/advisories/20860
http://securitytracker.com/id?1016399
http://www.cisco.com/warp/public/707/cisco-sa-20060628-ap.shtml
http://www.kb.cert.org/vuls/id/544484
http://www.osvdb.org/26878
http://www.securityfocus.com/bid/18704
http://www.vupen.com/english/advisories/2006/2584
https://exchange.xforce.ibmcloud.com/vulnerabilities/27437

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

20-07-2017 - 01:32

Objavljeno

28-06-2006 - 23:05