Executive Summary

Title Cisco Mobility Services Engine Static Credential Vulnerability
Name cisco-sa-20151104-mse-cred First vendor Publication 2015-11-04
Vendor Cisco Last vendor Modification 2015-11-04
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Cvss Base Score 6.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores


A vulnerability in the Cisco Mobility Services Engine (MSE) could allow an unauthenticated, remote attacker to log in to the MSE with the default oracle account. This account does not have full administrator privileges.

The vulnerability is due to a user account that has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH using this account. A successful exploit could allow the attacker to log in to the MSE using the default oracle account.

Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is available.

This advisory is available at the following link:


BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVjU/CIpI1I6i1Mx3AQKNjg/9GI0PcbZpae1heXAxTQRq4eKBKlzxIECj gJeC8r8CPUtFnjzxRWx7JmcqWXCD9Yo1/XEOmD+O3bmfc6xg3Ek0XTT08YS5vIi0 hyLW3m1imMElicStf8qB8g0fvGKJksgxnkkwi0gSxTnW9KKfolgNjLFmdjYe7FSs 4JgyqhxMwO46GNXwX6yJL3MfRVCyShQfsQoTKT+x3g+geXdcVcETiSCChZmmqIXJ rUeVpBQf1uGjteuOWUW2DDnztcFSBVt/1t9v5BakgX6sX/pEU6W87NQgq5Gn+1Ur v0XTO1FC9MmXe5E7JFBT8bq6EhQ8ZtqNSh+hjiqx8pMiMUaMB2igPmMknCsVybKI 7y9A4i5+J6TkG96KEtXqbNOer1rejjS3j83Io1yfJe3tUbr/a3t+Mu5pywJEt83N esyDSV6M9FCK9dlhugvoTvw6g9vsmRBwr9gLDhzWbRojMdfIX3DIawgrbmWYLZi4 Zh8y4aADE7jXlVV2viJrSeGVnCYJus5ZBZfWUcnXK8DDVmc1811HOoZ9NBYz10NV KU77Xd4ABMGxTpzhGRMmZ3BS0pPSCcOtXFID4HBZikRzNd5o0nESnCw/XJN2AbF +28jvo2LkVc3K/QJLOivLqAa3E4kK5MM0RzIqQnlt5LHAVZXuvH4Ozjfn1Aev1AFp cs6ZocWGsjg= =QO9M END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-255 Credentials Management

CPE : Common Platform Enumeration

Application 14

Nessus® Vulnerability Scanner

Date Description
2015-11-18 Name : The remote host has an application installed that is affected by multiple vul...
File : cisco_mse_8_0_120_7.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
Date Informations
2015-11-19 13:25:08
  • Multiple Updates
2015-11-06 21:27:32
  • Multiple Updates
2015-11-04 21:17:53
  • First insertion