Executive Summary

Summary
Title Default Credentials for root Account on the Cisco Media Experience Engine 5600
Informations
Name cisco-sa-20110601-mxe First vendor Publication 2011-04-20
Vendor Cisco Last vendor Modification 2011-06-01
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20110601-mxe.shtml

CWE : Common Weakness Enumeration

idName
CWE-255Credentials Management

CPE : Common Platform Enumeration

TypeDescriptionCount
Application5
Hardware1

Open Source Vulnerability Database (OSVDB)

idDescription
72721Cisco Media Experience Engine 5600 Default Root Administrator Credentials