Executive Summary
| Summary | |
|---|---|
| Title | Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20110202-tandberg | First vendor Publication | 2010-12-13 |
| Vendor | Cisco | Last vendor Modification | 2011-02-02 |
| Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Tandberg C Series Endpoints and E/EX Personal Video units that are running software versions prior to TC4.0.0 ship with a root administrator account that is enabled by default with no password. An attacker could use this account in order to modify the application configuration or operating system settings. Resolving this default password issue does not require a software upgrade and can be changed or disabled by a configuration command for all affected customers. The workaround detailed in this document demonstrates how to disable the root account or change the password. |
Original Source
| Url : http://www.cisco.com/en/US/products/ps11422/products_security_advisory0918 (...) |
Alert History
| Date | Informations |
|---|---|
| 2016-04-26 21:33:57 |
|
