Executive Summary

Summary
TitleDefault Credentials for root Account on the Cisco Media Experience Engine 5600
Informations
Namecisco-sa-20110601-mxeFirst vendor Publication2011-04-20
VendorCiscoLast vendor Modification2011-06-01
Severity (Vendor) N/ARevision1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20110601-mxe.shtml

CWE : Common Weakness Enumeration

idName
CWE-255Credentials Management

CPE : Common Platform Enumeration

TypeDescriptionCount
Application5
Hardware1

Open Source Vulnerability Database (OSVDB)

idDescription
72721Cisco Media Experience Engine 5600 Default Root Administrator Credentials