CVE-2006-3290

HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.

Severity	MEDIUM
CVSS	5.0
EPSS	-
CWE	NVD-CWE-Other
KEV
Published	19 years ago
Modified	1 month ago

Public Affected Products

Product	Advisory	Evidence
Cisco Wireless Control System (WCS) Software	cisco-sa-20060628-wcs	Cisco CSAF · structured affected