Cisco: >> Wireless Control System >> 4.1.91.0 Security Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud18375.
CVSS Score
4.3
EPSS Score
0.002
Published
2013-09-06
The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.
CVSS Score
10.0
EPSS Score
0.024
Published
2007-10-12