CVE-2004-0391
First published: Fri Apr 16 2004(Updated: )
Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Wireless LAN Solution Engine | =2.4 | |
| Cisco Wireless LAN Solution Engine | =2.1 | |
| Cisco Wireless LAN Solution Engine | =2.2 | |
| Cisco Wireless LAN Solution Engine | =2.0 | |
| Cisco Wireless LAN Solution Engine | =2.5 | |
| Cisco Wireless LAN Solution Engine | =2.3 | |
| Cisco Hosting Solution Engine | =1.7.3 | |
| Cisco Hosting Solution Engine | =1.7.0 | |
| Cisco Hosting Solution Engine | =1.7 | |
| Cisco Hosting Solution Engine | =1.7.2 | |
| Cisco Hosting Solution Engine | =1.7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-0391?
CVE-2004-0391 is considered a high-severity vulnerability due to its potential for unauthorized access and system modifications.
How do I fix CVE-2004-0391?
To fix CVE-2004-0391, users should upgrade to the latest versions of Cisco Wireless LAN Solution Engine and Hosting Solution Engine where the hardcoded credentials issue has been resolved.
What systems are affected by CVE-2004-0391?
CVE-2004-0391 affects Cisco Wireless LAN Solution Engine versions 2.0 through 2.5 and Hosting Solution Engine versions 1.7 through 1.7.3.
What type of attack can exploit CVE-2004-0391?
CVE-2004-0391 can be exploited by remote attackers to gain unauthorized access to the affected systems.
Is CVE-2004-0391 still a concern for current systems?
Yes, CVE-2004-0391 remains a concern for systems running the affected versions that have not been patched or upgraded.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/remedy
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco wireless lan solution engine
- version/cisco wireless lan solution engine/2.4
- version/cisco wireless lan solution engine/2.1
- version/cisco wireless lan solution engine/2.2
- version/cisco wireless lan solution engine/2.0
- version/cisco wireless lan solution engine/2.5
- version/cisco wireless lan solution engine/2.3
- canonical/cisco hosting solution engine
- version/cisco hosting solution engine/1.7.3
- version/cisco hosting solution engine/1.7.0
- version/cisco hosting solution engine/1.7
- version/cisco hosting solution engine/1.7.2
- version/cisco hosting solution engine/1.7.1