CVE-2007-2035

high

Description

Cisco Wireless Control System (WCS) before 4.0.66.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain network organization data via a direct request for files in certain directories, aka Bug ID CSCsg04301.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/33606

http://www.vupen.com/english/advisories/2007/1367

http://www.securityfocus.com/bid/23460

http://www.osvdb.org/34131

http://www.cisco.com/warp/public/707/cisco-sa-20070412-wcs.shtml

http://securitytracker.com/id?1017907

http://secunia.com/advisories/24865

Details

Source: Mitre, NVD

Published: 2007-04-16

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00511