CVE-2010-2826
9.0
Vector
AV:N/AC:L/Au:S/C:C/I:C/A:C
Exploitability: 8.0 / Impact: 10.0
Source: NVD
Description
SQL injection vulnerability in Cisco Wireless Control System (WCS) 6.0.x before 6.0.196.0 allows remote authenticated users to execute arbitrary SQL commands via vectors related to the ORDER BY clause of the Client List screens, aka Bug ID CSCtf37019.
Affected (6)
Products: Cisco: Wireless Control System Software
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 6.0.188.0 |
References (2)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.