Executive Summary

TitleDefault Credentials for root Account on the Cisco Media Experience Engine 5600
Namecisco-sa-20110601-mxeFirst vendor Publication2011-04-20
VendorCiscoLast vendor Modification2011-06-01
Severity (Vendor) N/ARevision1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores


Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20110601-mxe.shtml

CWE : Common Weakness Enumeration

100 %CWE-255Credentials Management

CPE : Common Platform Enumeration


Open Source Vulnerability Database (OSVDB)

72721Cisco Media Experience Engine 5600 Default Root Administrator Credentials