Executive Summary
Summary | |
---|---|
Title | Cisco Aironet 1800 Series Access Point Default Static Account Credentials Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20160113-air | First vendor Publication | 2016-01-13 |
Vendor | Cisco | Last vendor Modification | 2016-01-13 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in Cisco Aironet 1800 Series Access Point devices could allow an unauthenticated, remote attacker to log in to the device by using a default account that has a static password. By default, the account does not have full administrative privileges. The vulnerability is due to the presence of a default user account that is created when the device is installed. An attacker could exploit this vulnerability by logging in to the device by using the default account, which could allow the attacker to gain unauthorized access to the device. Cisco released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVosVAIpI1I6i1Mx3AQJCpRAAtWYXszbCReZekmWZIvb18lJvLmVqpNq +KuUMPyowV1rWAmPuL6e3vzLysyigA1wL8VGes0Y9xwjQH7RC0SOxBll9A/WtcBsr JQjDn8VwvDBU0Z7GjrRKnjqYOY8M6l6f8OKn6zAYLUmyhpnpR95s9srXyjzgXz5A jfyLvUZhD+/RAnQlvqvBPbIVBUAXAWjFBWdjIR39u+6yRPhiYEobMNM8DmafRiVc H3nenqqBmKl8JJwZsGAneLIErMmfVHpTefqkgIX8Y9yBqMLbfH843QRzs5RpGPD9 5RmVCdi1UP6yeQV2kHUacMXXu/GlYfWEZUVvgRmtONdO00nQ532zhpPtxJ3w0UpF 9Z8qnjKwZN9BIySeatZ+Lvq6MQtbGEwZ9lxlv8NXDy29aInn1/MLE20fZwPkfKZF xZ4uvDPP0b0KII8kO/ALso/evE0Pv/wv+hblevEYBfb+T3dt6f9e0qHS7OTYTccr XUEllOsMFRAAabtgO1XIuh38q+Waf2hB8EWYagS0HT9KAOsd0pR86X9iz/BbpnvC TtDVlIxSJ/RQBYCbfkKbOdLEUvkb3vvJvSFu7J2qoRBXmP1Bu+ubovKrZpBOaSr1 jDT8xDU326MP2uAxAF8lVXD7lDJ6jK4NUM1KN3maW3LYqNT2fBEHX1VCvZHGNm4n eDaroWHF4MU= =WE2t END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-255 | Credentials Management |
CPE : Common Platform Enumeration
Alert History
Date | Informations |
---|---|
2016-02-11 08:49:02 |
|
2016-02-11 05:28:58 |
|
2016-02-11 00:29:17 |
|
2016-02-10 21:29:20 |
|
2016-02-10 17:28:59 |
|
2016-02-10 13:27:53 |
|
2016-02-10 09:28:57 |
|
2016-02-10 05:29:14 |
|
2016-02-10 00:29:14 |
|
2016-02-09 21:30:15 |
|
2016-02-09 17:30:23 |
|
2016-02-09 13:31:18 |
|
2016-01-13 21:23:49 |
|