Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2006-3291

The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.

  • Published: Jun 29, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-3291
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

OWASP TOP 10:

Software From Fixed in
cisco / ios 12.3(8)ja1 12.3(8)ja1.x
cisco / ios 12.3(8)ja 12.3(8)ja.x