Vulnerability Details : CVE-2007-0932
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN.
Products affected by CVE-2007-0932
- cpe:2.3:h:alcatel-lucent:omniaccess_wireless:43xx:*:*:*:*:*:*:*
- cpe:2.3:h:alcatel-lucent:omniaccess_wireless:6000:*:*:*:*:*:*:*
- cpe:2.3:h:aruba:mobility_controller:2400:*:*:*:*:*:*:*
- cpe:2.3:h:aruba:mobility_controller:6000:*:*:*:*:*:*:*
- cpe:2.3:h:aruba:mobility_controller:800:*:*:*:*:*:*:*
- cpe:2.3:h:aruba:mobility_controller:200:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-0932
14.51%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0932
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2007-0932
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-0932
-
http://www.kb.cert.org/vuls/id/613833
Third Party Advisory;US Government Resource
-
http://www.securityfocus.com/bid/22538
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32461
-
http://securityreason.com/securityalert/2243
-
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052382.html
Vendor Advisory
-
http://www.securityfocus.com/archive/1/459927/100/0/threaded
Jump to