Executive Summary
Summary | |
---|---|
Title | Cisco Tandberg E, EX, and C Series default root credentials |
Informations | |||
---|---|---|---|
Name | VU#436854 | First vendor Publication | 2011-02-03 |
Vendor | VU-CERT | Last vendor Modification | 2011-02-03 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#436854Cisco Tandberg E, EX, and C Series default root credentialsOverviewCisco's Tandberg C series endpoints and E/EX personal video units that run software versions prior to TC4.0.0 have a root administrator account enabled by default with no password.I. DescriptionCisco Advisory cisco-sa-20110202-tandberg states:"This vulnerability affects Tandberg C Series Endpoints and E/EX Personal Video units, including software that is running on the C20, C40, C60, C90, E20, EX60, and EX90 codecs. The software version of the Tandberg unit can be determined by logging into the web-based user interface (UI) or using the "xStatus SystemUnit" command. Users should upgrade to version TC4.0.0 or later of the device software, disable the root account, and verify the administrator account has a password set. Updates are available from the Cisco Software Area.
Referenceshttp://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml This document was written by Jared Allar.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/436854 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-255 | Credentials Management |
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2011-02-02 | Tandberg E, EX and C Series Endpoints Default Credentials for Root Account |
OpenVAS Exploits
Date | Description |
---|---|
2012-11-14 | Name : Cisco TANDBERG C Series and E/EX Series Default Credentials Authentication By... File : nvt/gb_tandberg_46107.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68309 | Cisco TANDBERG Default Unpassworded root Account |
Alert History
Date | Informations |
---|---|
2013-05-11 00:57:05 |
|