Описание
Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378.
Комментарий
Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml
"Default Credentials
Cisco DMM versions 5.0.x and 5.1.x are affected by this vulnerability. Cisco DMM versions 4.x are not vulnerable"
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:digital_media_manager:5.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:digital_media_manager:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:digital_media_manager:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:digital_media_manager:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:digital_media_manager:5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02929
Низкий
10 Critical
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
почти 4 года назад
Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378.
EPSS
Процентиль: 86%
0.02929
Низкий
10 Critical
CVSS2
Дефекты
CWE-255