CVE-2011-2555 - Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root admin

CVE-2011-2555

Summary

Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtr76182.

References

http://securitytracker.com/id?1025872
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8ad3f.shtml
http://www.securityfocus.com/bid/48932
https://exchange.xforce.ibmcloud.com/vulnerabilities/68887

Vulnerable Configurations

cpe:2.3:a:cisco:telepresence_recording_server_software:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_recording_server_software:1.7.2:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 29-08-2017 - 01:29)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	48932
cisco	20110729 Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability
sectrack	1025872
xf	cisco-telepresence-default-account(68887)

Last major update

29-08-2017 - 01:29

Published

29-08-2011 - 20:55

Last modified

29-08-2017 - 01:29