Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2007-2282 | First vendor Publication | 2007-04-26 |
| Vendor | Cve | Last vendor Modification | 2017-07-29 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2282 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 35524 | Cisco NetFlow Collection Engine (NFC) nfcuser Default Account By default, Netflow Collection Engine installs with a default password. The nfcuser account has a password of nfcuser which is publicly known and documented. This allows attackers to trivially access the program or system. |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:05:41 |
|
| 2021-04-22 01:06:15 |
|
| 2020-05-23 00:19:39 |
|
| 2017-07-29 12:02:11 |
|
| 2016-06-28 16:24:41 |
|
| 2013-09-12 13:19:45 |
|
| 2013-05-11 10:23:58 |
|
