var-201102-0212
Vulnerability from variot
The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method. The software version of the Tandberg unit can be determined by logging into the web-based user interface (UI) or using the “xStatus SystemUnit” command. Users can determine the Tandberg software version by entering the IP address of the codec in a web browser, authenticating (if the device is configured for authentication), and then selecting the “system info” menu option. The version number is displayed after the “Software Version” label in the System Info box. Alternatively the software version can be determined from the device's application programmer interface using the “xStatus SystemUnit” command. The software version running on the codec is displayed after the “SystemUnit Software Version” label. The output from “xStatus SystemUnit” will display a result similar to the following:” xStatus SystemUnit * s SystemUnit ProductType: “Cisco TelePresence Codec” s SystemUnit ProductId: “Cisco TelePresence Codec C90” s SystemUnit ProductPlatform: “C90” s SystemUnit Uptime: 597095 s SystemUnit Software Application: “Endpoint” s SystemUnit Software Version: “TC4.0” s SystemUnit Software Name: “s52000” s SystemUnit Software ReleaseDate: “2010-11-01” s SystemUnit Software MaxVideoCalls: 3 s SystemUnit Software MaxAudioCalls: 4 s SystemUnit Software ReleaseKey: “true” s SystemUnit Software OptionKeys NaturalPresenter: “true” s SystemUnit Software OptionKeys MultiSite: “true” s SystemUnit Software OptionKeys PremiumResolution: “true” s SystemUnit Hardware Module SerialNumber: “B1AD25A00003” s SystemUnit Hardware Module Identifier: “0” s SystemUnit Hardware MainBoard SerialNumber: “PH0497201” s SystemUnit Hardware MainBoard Identifier: “101401-3 [04]“ s SystemUnit Hardware VideoBoard SerialNumber: “PH0497874” s SystemUnit Hardware VideoBoard Identifier: “101560-1 [02]“ s SystemUnit Hardware AudioBoard SerialNumber: “N/A” s SystemUnit Hardware AudioBoard Identifier: ”“ s SystemUnit Hardware BootSoftware: “U-Boot 2009.03-65” s SystemUnit State System: Initialized s SystemUnit State MaxNumberOfCalls: 3 s SystemUnit State MaxNumberOfActiveCalls: 3 s SystemUnit State NumberOfActiveCalls: 1 s SystemUnit State NumberOfSuspendedCalls: 0 s SystemUnit State NumberOfInProgressCalls: 0 s SystemUnit State Subsystem Application: Initialized *s SystemUnit ContactInfo: “helpdesk@company.com” ** endA third party who has access to the product may gain administrator privileges. Cisco's multiple TANDBERG products have security vulnerabilities that allow local malicious users to gain control of the product. Determine the version of Tandberg. An attacker can exploit this issue to gain unauthorized root access to the affected devices. Successful exploits will result in the complete compromise of the affected device. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).
Request a free trial: http://secunia.com/products/corporate/vim/
TITLE: TANDBERG Products Root Default Password Security Issue
SECUNIA ADVISORY ID: SA43158
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43158/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43158
RELEASE DATE: 2011-02-04
DISCUSS ADVISORY: http://secunia.com/advisories/43158/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43158/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43158
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A security issue has been reported in multiple TANDBERG products, which can be exploited by malicious people to compromise a vulnerable system.
PROVIDED AND/OR DISCOVERED BY: Reported by xorcist in an article of the 2600 magazine (volume 27,
3).
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. An attacker could use this account in order to modify the application configuration or operating system settings.
Resolving this default password issue does not require a software upgrade and can be changed or disabled by a configuration command for all affected customers. The workaround detailed in this document demonstrates how to disable the root account or change the password.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml.
Details
Tandberg devices are part of the Cisco TelePresence Systems that provide Cisco TelePresence endpoints for immersive environments, conference rooms, individual desktops and home offices.
These devices contain a root user that is enabled for advanced debugging that is unnecessary during normal operations. The root account is not the same as the admin and user accounts. The default configuration prior to TC 4.0.0 does not set a password for the root user.
When a device is upgraded to TC 4.0.0, the root user is disabled.
This vulnerability has been assigned the CVE ID CVE-2011-0354.
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Root account enabled by default with no password
CVSS Base Score - 10 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - Complete Integrity Impact - Complete Availability Impact - Complete
CVSS Temporal Score - 8.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerability may allow an unauthorized user to modify the application configuration and the operating system settings or gain complete administrative control of the device.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.
Workarounds
The root user is disabled in the default configuration starting in the TC4.0.0 software version. To disable the root account, an administrator should log in to the applications programmer interface and use the command "systemtools rootsettings off" to temporarily disable the account, or the command "systemtools rootsettings never" to permanently disable the root user.
The root user is enabled for advanced debugging. If the root user is needed, the password should be configured when the account is enabled. This can be done through the command "systemtools rootsettings on [password]". To disable the root account, an administrator should log in to the applications programmer interface and use the command "systemtools rootsettings off" to temporarily disable the account, or the command "systemtools rootsettings never" to permanently disable the root user.
The root user is enabled for advanced debugging. If the root user is needed, the password should be configured when the account is enabled. This can be done through the command "systemtools rootsettings on [password]".
The default configuration of devices running TC4.0.0 does not contain a password for the administrator account. The password for the administrator account should be set with the command "xCommand SystemUnit AdminPassword Set Password: [password]. The password for the root account is the same as the administrator password. The administrator password is set with the command "xCommand SystemUnit AdminPassword Set Password: [password]".
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers with Service Contracts +-------------------------------
Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations +------------------------------------------------
Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed.
Customers without Service Contracts +----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.
- +1 800 553 2447 (toll free from within North America)
- +1 408 526 7209 (toll call from anywhere in the world)
- e-mail: tac@cisco.com
Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.
Refer to http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages.
Exploitation and Public Announcements
This vulnerability has been discussed in the article "Hacking and Securing the Tandberg C20" published in Volume 27, Number 3 of the 2600 Magazine.
Status of this Notice: FINAL
This information is Cisco Highly Confidential - Do not redistribute.
THIS IS A DRAFT VERSION OF A SECURITY NOTICE THAT CONTAINS UNRELEASED INFORMATION ABOUT CISCO PRODUCTS. DISTRIBUTION WITHIN CISCO IS LIMITED TO PERSONNEL WITH A NEED TO KNOW. THIS DRAFT MAY CONTAIN ERRORS OR OMIT IMPORTANT INFORMATION.
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+---------------------------------------+ | Revision | | Initial | | 1.0 | 2011-Feb-02 | public | | | | release. | +---------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+-------------------------------------------------------------------- All contents are Copyright 2011-2007 Cisco Systems, Inc. All rights reserved. +--------------------------------------------------------------------
Updated: Feb 02, 2011 Document ID: 112247 -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
iF4EAREIAAYFAk1JjBQACgkQQXnnBKKRMNDwoAD/drZn3b3jiAKxHxsn8YUdNzOu KgtSit4dAjrrKx41AXkA/29dkXOf0nZu4y00cBHOGhKMkyj5DAZrkT6aqyvgnZmA =4vVm -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0212",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "tc2.1.2"
},
{
"model": "tandberg personal video unit software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "tc3.1.2"
},
{
"model": "tandberg personal video unit software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "tc3.1.1"
},
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "tc3.1.1"
},
{
"model": "tandberg personal video unit software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "tc3.1.0"
},
{
"model": "tandberg personal video unit software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "te1.0.1"
},
{
"model": "tandberg personal video unit software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "te2.2.0"
},
{
"model": "tandberg personal video unit software",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "te2.2.1"
},
{
"model": "tandberg personal video unit",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "e20"
},
{
"model": "tandberg endpoint",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "tc3.1.3"
},
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "tc3.1.0"
},
{
"model": "tandberg personal video unit",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "ex90"
},
{
"model": "tandberg personal video unit",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "ex60"
},
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "c20"
},
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "tc3.1.2"
},
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "c90"
},
{
"model": "tandberg personal video unit software",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "tc3.1.3"
},
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "c40"
},
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "c60"
},
{
"model": "tandberg endpoint",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "tc3.0.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg c series endpoints",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg e/ex personal video units",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg e20",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg ex60",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg ex90",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg code c20",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg code c40",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg code c60",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg code c90",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "tandberg personal video unit software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "te2.2.1"
},
{
"model": "tandberg personal video unit software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "tc3.1.3"
},
{
"model": "tandberg ex90",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg ex60",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codec c90",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codec c60",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codec c40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codec c20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#436854"
},
{
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"db": "BID",
"id": "46107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-049"
},
{
"db": "NVD",
"id": "CVE-2011-0354"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:tandberg_endpoint",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:tandberg_personal_video_unit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "2600 Magazine",
"sources": [
{
"db": "BID",
"id": "46107"
}
],
"trust": 0.3
},
"cve": "CVE-2011-0354",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0354",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-48299",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0354",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#436854",
"trust": 0.8,
"value": "99.00"
},
{
"author": "NVD",
"id": "CVE-2011-0354",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-049",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48299",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#436854"
},
{
"db": "VULHUB",
"id": "VHN-48299"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-049"
},
{
"db": "NVD",
"id": "CVE-2011-0354"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method. The software version of the Tandberg unit can be determined by logging into the web-based user interface (UI) or using the \u201cxStatus SystemUnit\u201d command. Users can determine the Tandberg software version by entering the IP address of the codec in a web browser, authenticating (if the device is configured for authentication), and then selecting the \u201csystem info\u201d menu option. The version number is displayed after the \u201cSoftware Version\u201d label in the System Info box. Alternatively the software version can be determined from the device\u0027s application programmer interface using the \u201cxStatus SystemUnit\u201d command. The software version running on the codec is displayed after the \u201cSystemUnit Software Version\u201d label. The output from \u201cxStatus SystemUnit\u201d will display a result similar to the following:\u201d xStatus SystemUnit * *s SystemUnit ProductType: \u201cCisco TelePresence Codec\u201d *s SystemUnit ProductId: \u201cCisco TelePresence Codec C90\u201d *s SystemUnit ProductPlatform: \u201cC90\u201d *s SystemUnit Uptime: 597095 *s SystemUnit Software Application: \u201cEndpoint\u201d *s SystemUnit Software Version: \u201cTC4.0\u201d *s SystemUnit Software Name: \u201cs52000\u201d *s SystemUnit Software ReleaseDate: \u201c2010-11-01\u201d *s SystemUnit Software MaxVideoCalls: 3 *s SystemUnit Software MaxAudioCalls: 4 *s SystemUnit Software ReleaseKey: \u201ctrue\u201d *s SystemUnit Software OptionKeys NaturalPresenter: \u201ctrue\u201d *s SystemUnit Software OptionKeys MultiSite: \u201ctrue\u201d *s SystemUnit Software OptionKeys PremiumResolution: \u201ctrue\u201d *s SystemUnit Hardware Module SerialNumber: \u201cB1AD25A00003\u201d *s SystemUnit Hardware Module Identifier: \u201c0\u201d *s SystemUnit Hardware MainBoard SerialNumber: \u201cPH0497201\u201d *s SystemUnit Hardware MainBoard Identifier: \u201c101401-3 [04]\u201c *s SystemUnit Hardware VideoBoard SerialNumber: \u201cPH0497874\u201d *s SystemUnit Hardware VideoBoard Identifier: \u201c101560-1 [02]\u201c *s SystemUnit Hardware AudioBoard SerialNumber: \u201cN/A\u201d *s SystemUnit Hardware AudioBoard Identifier: \u201d\u201c *s SystemUnit Hardware BootSoftware: \u201cU-Boot 2009.03-65\u201d *s SystemUnit State System: Initialized *s SystemUnit State MaxNumberOfCalls: 3 *s SystemUnit State MaxNumberOfActiveCalls: 3 *s SystemUnit State NumberOfActiveCalls: 1 *s SystemUnit State NumberOfSuspendedCalls: 0 *s SystemUnit State NumberOfInProgressCalls: 0 *s SystemUnit State Subsystem Application: Initialized *s SystemUnit ContactInfo: \u201chelpdesk@company.com\u201d ** endA third party who has access to the product may gain administrator privileges. Cisco\u0027s multiple TANDBERG products have security vulnerabilities that allow local malicious users to gain control of the product. Determine the version of Tandberg. \nAn attacker can exploit this issue to gain unauthorized root access to the affected devices. Successful exploits will result in the complete compromise of the affected device. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nTANDBERG Products Root Default Password Security Issue\n\nSECUNIA ADVISORY ID:\nSA43158\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43158/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43158\n\nRELEASE DATE:\n2011-02-04\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43158/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43158/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43158\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in multiple TANDBERG products,\nwhich can be exploited by malicious people to compromise a vulnerable\nsystem. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by xorcist in an article of the 2600 magazine (volume 27,\n#3). \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. An\nattacker could use this account in order to modify the application\nconfiguration or operating system settings. \n\nResolving this default password issue does not require a software\nupgrade and can be changed or disabled by a configuration command for\nall affected customers. The workaround detailed in this document\ndemonstrates how to disable the root account or change the password. \n\nThis advisory is posted at \nhttp://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml. \n\nDetails\n=======\n\nTandberg devices are part of the Cisco TelePresence Systems that\nprovide Cisco TelePresence endpoints for immersive environments,\nconference rooms, individual desktops and home offices. \n\nThese devices contain a root user that is enabled for advanced\ndebugging that is unnecessary during normal operations. The root\naccount is not the same as the admin and user accounts. The\ndefault configuration prior to TC 4.0.0 does not set a password for\nthe root user. \n\nWhen a device is upgraded to TC 4.0.0, the root user is disabled. \n\nThis vulnerability has been assigned the CVE ID CVE-2011-0354. \n\nVulnerability Scoring Details\n=============================\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Root account enabled by default with no password \n\nCVSS Base Score - 10\n Access Vector - Network\n Access Complexity - Low\n Authentication - None\n Confidentiality Impact - Complete \n Integrity Impact - Complete \n Availability Impact - Complete\n\nCVSS Temporal Score - 8.3\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n\nImpact\n======\n\nSuccessful exploitation of the vulnerability may allow an\nunauthorized user to modify the application configuration and the\noperating system settings or gain complete administrative control of\nthe device. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult \nhttp://www.cisco.com/go/psirt \nand any subsequent advisories to determine exposure and a\ncomplete upgrade solution. \n\nIn all cases, customers should exercise caution to be certain the\ndevices to be upgraded contain sufficient memory and that current\nhardware and software configurations will continue to be supported\nproperly by the new release. If the information is not clear, contact\nthe Cisco Technical Assistance Center (TAC) or your contracted\nmaintenance provider for assistance. \n\nWorkarounds\n===========\n\nThe root user is disabled in the default configuration starting in\nthe TC4.0.0 software version. To disable the root account, an\nadministrator should log in to the applications programmer interface\nand use the command \"systemtools rootsettings off\" to temporarily\ndisable the account, or the command \"systemtools rootsettings never\"\nto permanently disable the root user. \n\nThe root user is enabled for advanced debugging. If the root user is\nneeded, the password should be configured when the account is\nenabled. This can be done through the command \"systemtools\nrootsettings on [password]\". To disable the root account, an\nadministrator should log in to the applications programmer interface\nand use the command \"systemtools rootsettings off\" to temporarily\ndisable the account, or the command \"systemtools rootsettings never\"\nto permanently disable the root user. \n\nThe root user is enabled for advanced debugging. If the root user is\nneeded, the password should be configured when the account is\nenabled. This can be done through the command \"systemtools\nrootsettings on [password]\". \n\nThe default configuration of devices running TC4.0.0 does not contain\na password for the administrator account. The password for the\nadministrator account should be set with the command \"xCommand\nSystemUnit AdminPassword Set Password: [password]. The password for the root account is the same as\nthe administrator password. The administrator password is set with\nthe command \"xCommand SystemUnit AdminPassword Set Password:\n[password]\". \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should\nconsult their maintenance provider or check the software for feature\nset compatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at \nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at \nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nCustomers with Service Contracts\n+-------------------------------\n\nCustomers with contracts should obtain upgraded software through\ntheir regular update channels. For most customers, this means that\nupgrades should be obtained through the Software Center on Cisco\u0027s\nworldwide website at http://www.cisco.com. \n\nCustomers using Third Party Support Organizations\n+------------------------------------------------\n\nCustomers whose Cisco products are provided or maintained through\nprior or existing agreements with third-party support organizations,\nsuch as Cisco Partners, authorized resellers, or service providers\nshould contact that support organization for guidance and assistance\nwith the appropriate course of action in regards to this advisory. \n\nThe effectiveness of any workaround or fix is dependent on specific\ncustomer situations, such as product mix, network topology, traffic\nbehavior, and organizational mission. Due to the variety of affected\nproducts and releases, customers should consult with their service\nprovider or support organization to ensure any applied workaround or\nfix is the most appropriate for use in the intended network before it\nis deployed. \n\nCustomers without Service Contracts\n+----------------------------------\n\nCustomers who purchase direct from Cisco but do not hold a Cisco\nservice contract, and customers who purchase through third-party\nvendors but are unsuccessful in obtaining fixed software through\ntheir point of sale should acquire upgrades by contacting the Cisco\nTechnical Assistance Center (TAC). TAC contacts are as follows. \n\n * +1 800 553 2447 (toll free from within North America)\n * +1 408 526 7209 (toll call from anywhere in the world)\n * e-mail: tac@cisco.com\n\nCustomers should have their product serial number available and be\nprepared to give the URL of this notice as evidence of entitlement to\na free upgrade. Free upgrades for non-contract customers must be\nrequested through the TAC. \n\nRefer to \nhttp://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html \nfor additional TAC contact information, including localized telephone \nnumbers, and instructions and e-mail addresses for use in various \nlanguages. \n\nExploitation and Public Announcements\n=====================================\n\nThis vulnerability has been discussed in the article \"Hacking and\nSecuring the Tandberg C20\" published in Volume 27, Number 3 of the\n2600 Magazine. \n\nStatus of this Notice: FINAL\n============================\n\nThis information is Cisco Highly Confidential - Do not redistribute. \n\nTHIS IS A DRAFT VERSION OF A SECURITY NOTICE THAT CONTAINS UNRELEASED\nINFORMATION ABOUT CISCO PRODUCTS. DISTRIBUTION WITHIN CISCO IS\nLIMITED TO PERSONNEL WITH A NEED TO KNOW. THIS DRAFT MAY CONTAIN\nERRORS OR OMIT IMPORTANT INFORMATION. \n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\nRevision History\n================\n\n+---------------------------------------+\n| Revision | | Initial |\n| 1.0 | 2011-Feb-02 | public |\n| | | release. |\n+---------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at \nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security notices. \nAll Cisco security advisories are available at \nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nAll contents are Copyright 2011-2007 Cisco Systems, Inc. All rights\nreserved. \n+--------------------------------------------------------------------\n\nUpdated: Feb 02, 2011 Document ID: 112247\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.14 (Darwin)\n\niF4EAREIAAYFAk1JjBQACgkQQXnnBKKRMNDwoAD/drZn3b3jiAKxHxsn8YUdNzOu\nKgtSit4dAjrrKx41AXkA/29dkXOf0nZu4y00cBHOGhKMkyj5DAZrkT6aqyvgnZmA\n=4vVm\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0354"
},
{
"db": "CERT/CC",
"id": "VU#436854"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"db": "BID",
"id": "46107"
},
{
"db": "VULHUB",
"id": "VHN-48299"
},
{
"db": "PACKETSTORM",
"id": "98132"
},
{
"db": "PACKETSTORM",
"id": "98113"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48299",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48299"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#436854",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2011-0354",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "43158",
"trust": 3.4
},
{
"db": "BID",
"id": "46107",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1025017",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "16100",
"trust": 1.7
},
{
"db": "SREASON",
"id": "8060",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-049",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2011-0431",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20110202 DEFAULT CREDENTIALS FOR ROOT ACCOUNT ON TANDBERG E, EX AND C SERIES ENDPOINTS",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "16399",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "98113",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-70658",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-48299",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98132",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#436854"
},
{
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"db": "VULHUB",
"id": "VHN-48299"
},
{
"db": "BID",
"id": "46107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"db": "PACKETSTORM",
"id": "98132"
},
{
"db": "PACKETSTORM",
"id": "98113"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-049"
},
{
"db": "NVD",
"id": "CVE-2011-0354"
}
]
},
"id": "VAR-201102-0212",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"db": "VULHUB",
"id": "VHN-48299"
}
],
"trust": 1.5571428714285716
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-0431"
}
]
},
"last_update_date": "2024-11-23T23:06:33.615000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20110202-tandberg",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml"
},
{
"title": "22314",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22314"
},
{
"title": "TANDBERG Software Downloads",
"trust": 0.8,
"url": "http://www.tandberg.com/support/video-conferencing-software-download.jsp?t=2"
},
{
"title": "cisco-sa-20110202-tandberg",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/110/1103/1103540_cisco-sa-20110202-tandberg-j.html"
},
{
"title": "Cisco TANDBERG C-Series and E/EX Series Default Account Verification Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/2800"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48299"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"db": "NVD",
"id": "CVE-2011-0354"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/436854"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/46107"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1025017"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/43158"
},
{
"trust": 2.0,
"url": "http://www.cisco.com/en/us/products/ps11422/products_security_advisory09186a0080b69541.shtml"
},
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22314"
},
{
"trust": 1.7,
"url": "http://www.exploit-db.com/exploits/16100"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8060"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/43158/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0354"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu436854"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0354"
},
{
"trust": 0.6,
"url": "http://www.cisco.com/en/us/products/ps11422/products_security_advisory09186a0080b69541.shtmlhttp"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/16399"
},
{
"trust": 0.4,
"url": "http://www.tandberg.com/support/video-conferencing-software-download.jsp?t=2"
},
{
"trust": 0.3,
"url": "/archive/1/516126"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43158/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43158"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0354"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/support/tsd_cisco_worldwide_contacts.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20110202-tandberg.shtml."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html,"
},
{
"trust": 0.1,
"url": "http://intellishield.cisco.com/security/alertmanager/cvss"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#436854"
},
{
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"db": "VULHUB",
"id": "VHN-48299"
},
{
"db": "BID",
"id": "46107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"db": "PACKETSTORM",
"id": "98132"
},
{
"db": "PACKETSTORM",
"id": "98113"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-049"
},
{
"db": "NVD",
"id": "CVE-2011-0354"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#436854"
},
{
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"db": "VULHUB",
"id": "VHN-48299"
},
{
"db": "BID",
"id": "46107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"db": "PACKETSTORM",
"id": "98132"
},
{
"db": "PACKETSTORM",
"id": "98113"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-049"
},
{
"db": "NVD",
"id": "CVE-2011-0354"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-03T00:00:00",
"db": "CERT/CC",
"id": "VU#436854"
},
{
"date": "2011-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"date": "2011-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-48299"
},
{
"date": "2010-10-24T00:00:00",
"db": "BID",
"id": "46107"
},
{
"date": "2011-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"date": "2011-02-03T05:24:37",
"db": "PACKETSTORM",
"id": "98132"
},
{
"date": "2011-02-03T07:24:17",
"db": "PACKETSTORM",
"id": "98113"
},
{
"date": "2011-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-049"
},
{
"date": "2011-02-03T16:00:02.570000",
"db": "NVD",
"id": "CVE-2011-0354"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-03T00:00:00",
"db": "CERT/CC",
"id": "VU#436854"
},
{
"date": "2011-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-0431"
},
{
"date": "2011-09-22T00:00:00",
"db": "VULHUB",
"id": "VHN-48299"
},
{
"date": "2011-02-03T14:52:00",
"db": "BID",
"id": "46107"
},
{
"date": "2011-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001149"
},
{
"date": "2011-02-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-049"
},
{
"date": "2024-11-21T01:23:49.123000",
"db": "NVD",
"id": "CVE-2011-0354"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-049"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Tandberg E, EX, and C Series default root credentials",
"sources": [
{
"db": "CERT/CC",
"id": "VU#436854"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-049"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.