Описание
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.
This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.
Уязвимые конфигурации
Одно из
EPSS
8.4 High
CVSS3
5.5 Medium
CVSS3
Дефекты
Связанные уязвимости
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.
Уязвимость компонента Routed PON Controller Software операционной системы Cisco IOS XR маршрутизаторов Cisco NCS 540 Series Routers, NCS 5500 Series Routers, NCS 5700 Series Routers, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
8.4 High
CVSS3
5.5 Medium
CVSS3