exploitDog

CVE-2014-0709

Опубликовано: 22 фев. 2014

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ucsd
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ucsd
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*

Версия до 4.0.0.2 (включая)

cpe:2.3:a:cisco:ucs_director:4.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:cisco:ucs_director:4.0.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00471

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-r7vj-ghvm-j3pp

github

больше 3 лет назад

Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930.

EPSS

Процентиль: 64%

0.00471

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-255