Multiple Vulnerabilities in the WLSE Appliance

cisco-sa-20060419-wlse · NA · Published 20 years ago · Updated 20 years ago

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

There are two vulnerabilities that exist in the CiscoWorks Wireless LAN Solution Engine (WLSE). The first is a cross site scripting (XSS) vulnerability that may allow an attacker to gain administrative privileges on the system. The second is a local privilege escalation vulnerability that can be used by an attacker who already has authenticated access to the command line interface to obtain access to the underlying operating system. Cisco has made free software available to address this vulnerability for affected customers. This advisory is available at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20060419-wlse

Cisco advisory ·CSAF JSON

Workarounds

No workaround information imported yet.

CVEs	CVE-2006-1960
Cisco Bug IDs	NA
CVSS Score	Base NA

Products with public affected evidence

Product	CVE	Affected evidence
CiscoWorks Wireless LAN Solution Engine (WLSE)	CVE-2006-1960	structured affected CSAF product_status
CiscoWorks Wireless LAN Solution Engine (WLSE) Express	CVE-2006-1960	structured affected CSAF product_status