Описание
Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.
Уязвимые конфигурации
Конфигурация 1Версия до te4.1.1-cucm (включая)
Одновременно
Одно из
cpe:2.3:a:cisco:telepresence_e20_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:te2.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:te2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:te4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:te4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:te4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:tenc4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:tenc4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:tenc4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_e20_software:tenc4.1.1-cucm:*:*:*:*:*:*:*
cpe:2.3:h:cisco:ip_video_phone_e20:-:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00861
Низкий
10 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.
EPSS
Процентиль: 75%
0.00861
Низкий
10 Critical
CVSS2
Дефекты
CWE-264