CVE-2006-5288

Current Description

Cisco 2700 Series Wireless Location Appliances before 2.1.34.0 have a default administrator username "root" and password "password," which allows remote attackers to obtain administrative privileges, aka Bug ID CSCsb92893.

Basic Data

PublishedOctober 13, 2006
Last ModifiedJuly 20, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3HardwareCisco2700 Wireless Location Appliance1.1.73.0*******

Vulnerable Software List

VendorProductVersions
Cisco 2700 Wireless Location Appliance 1.1.73.0

References

NameSourceURLTags
1017056http://securitytracker.com/id?1017056SECTRACK
20061012 Default Password in Wireless Location Appliancehttp://www.cisco.com/en/US/products/products_security_advisory09186a0080758bae.shtmlCISCOPatch
30913http://www.osvdb.org/30913OSVDB
20490http://www.securityfocus.com/bid/20490BID
cisco-location-appliance-default-password(29497)https://exchange.xforce.ibmcloud.com/vulnerabilities/29497XF