CERTA-2006-AVI-264
Vulnerability from certfr_avis - Published: 2006-06-29 - Updated: 2006-06-29
Several vulnerabilities are present in two Cisco Wi-Fi software products. These vulnerabilities can be used to bypass authentication and elevate privileges on the system.
Description
- A first vulnerability is present in the web interface of the Cisco Wi-Fi access point. It allows a malicious user to bypass authentication and obtain administrator privileges on the access point.
- Other vulnerabilities are present in Cisco Wireless Control System (WCS). They allow a malicious user to access sensitive information, authenticate using a default administrator password, carry out a Cross-Site Scripting attack, or read and write files on WCS.
Solution
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
Impacted products
| Vendor | Product | Description |
|---|---|---|
| Cisco | N/A | Wireless Access point 1130 |
| Cisco | N/A | Wireless Access point 1310 |
| Cisco | N/A | Wireless Access point 1410 |
| Cisco | N/A | Cisco Wireless Control System (WCS) 3.2 |
| Cisco | N/A | Wireless Access point 1240 |
| Cisco | N/A | Cisco Wireless Control System (WCS) 4.0 |
| Cisco | N/A | Wireless Access point and Wireless Bridge 350 |
| Cisco | N/A | Wireless Access point 1100 |
| Cisco | N/A | Wireless Access point 1200 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Wireless Access point 1130 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Wireless Access point 1310 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Wireless Access point 1410 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Wireless Control System (WCS) 3.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Wireless Access point 1240 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Wireless Control System (WCS) 4.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Wireless Access point and Wireless Bridge 350 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Wireless Access point 1100 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Wireless Access point 1200 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\n- Une premi\u00e8re vuln\u00e9rabilit\u00e9 est pr\u00e9sente sur l\u0027interface web du point\n d\u0027acces wifi Cisco. Cette vuln\u00e9rabilit\u00e9 permet \u00e0 un utilisateur mal\n intentionn\u00e9 de contourner l\u0027authentification et d\u0027obtenir les\n privil\u00e8ges de l\u0027administrateur sur le point d\u0027acc\u00e8s.\n- D\u0027autres vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes sur Cisco Wireless Control\n System (WCS). Ces vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur mal\n intentionn\u00e9 d\u0027acc\u00e9der \u00e0 des informations sensibles, de\n s\u0027authentifier via un mot de passe administrateur par d\u00e9faut, de\n r\u00e9aliser une attaque de type \u00ab Cross Site Scripting \u00bb ou encore de\n lire et d\u0027\u00e9crire des fichiers sur WCS.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"initial_release_date": "2006-06-29T00:00:00",
"last_revision_date": "2006-06-29T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco ID 20060628-ap du 28 juin 2006 :",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-ap.shtml"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco ID 20060628-wcs du 28 juin 2006 :",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wsc.shtml"
}
],
"reference": "CERTA-2006-AVI-264",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-06-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes sur deux logiciels wifi de\nCISCO. Ces vuln\u00e9rabilit\u00e9s peuvent \u00eatre utilis\u00e9es pour contourner\nl\u0027authentification et \u00e9lever ses privil\u00e8ges sur le syst\u00e8me.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans plusieurs produits sans fil de CISCO",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 CISCO",
"url": null
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.