Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3454
cisco
telepresence
software
default password
pwrecovery account
remote attackers
https requests
bug id cscui43128
nvd
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.0%
Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128.
Affected configurations
Node
ciscotelepresence_system_tx9000
ORciscotelepresence_system_tx9200
ciscotelepresence_system_softwareRange≤6.0.3\(33\)
ORciscotelepresence_system_softwareMatch1.9.0\(46\)
ORciscotelepresence_system_softwareMatch1.9.0.1\(3\)
ORciscotelepresence_system_softwareMatch1.9.1\(68\)
ORciscotelepresence_system_softwareMatch1.9.2
ORciscotelepresence_system_softwareMatch1.9.2\(19\)
ORciscotelepresence_system_softwareMatch1.9.3
ORciscotelepresence_system_softwareMatch1.9.3\(44\)
ORciscotelepresence_system_softwareMatch1.9.4
ORciscotelepresence_system_softwareMatch1.9.4\(19\)
ORciscotelepresence_system_softwareMatch1.9.5
ORciscotelepresence_system_softwareMatch1.9.5\(7\)
ORciscotelepresence_system_softwareMatch1.9.6
ORciscotelepresence_system_softwareMatch1.9.6\(2\)
ORciscotelepresence_system_softwareMatch6.0.0.1\(4\)
ORciscotelepresence_system_softwareMatch6.0.1\(50\)
ORciscotelepresence_system_softwareMatch6.0.2\(28\)
Node
ciscotelepresence_system_softwareRange≤1.10.1
ORciscotelepresence_system_softwareMatch1.2.3
ORciscotelepresence_system_softwareMatch1.2.3\(1101\)
ORciscotelepresence_system_softwareMatch1.3.2
ORciscotelepresence_system_softwareMatch1.3.2\(1393\)
ORciscotelepresence_system_softwareMatch1.4.7
ORciscotelepresence_system_softwareMatch1.4.7\(2229\)
ORciscotelepresence_system_softwareMatch1.5.1
ORciscotelepresence_system_softwareMatch1.5.1\(2082\)
ORciscotelepresence_system_softwareMatch1.5.3
ORciscotelepresence_system_softwareMatch1.5.3\(2115\)
ORciscotelepresence_system_softwareMatch1.5.10
ORciscotelepresence_system_softwareMatch1.5.10\(3648\)
ORciscotelepresence_system_softwareMatch1.5.11
ORciscotelepresence_system_softwareMatch1.5.11\(3659\)
ORciscotelepresence_system_softwareMatch1.5.12
ORciscotelepresence_system_softwareMatch1.5.12\(3701\)
ORciscotelepresence_system_softwareMatch1.5.13
ORciscotelepresence_system_softwareMatch1.5.13\(3717\)
ORciscotelepresence_system_softwareMatch1.6.0
ORciscotelepresence_system_softwareMatch1.6.0\(3954\)
ORciscotelepresence_system_softwareMatch1.6.1
ORciscotelepresence_system_softwareMatch1.6.2
ORciscotelepresence_system_softwareMatch1.6.2\(4023\)
ORciscotelepresence_system_softwareMatch1.6.3
ORciscotelepresence_system_softwareMatch1.6.3\(4042\)
ORciscotelepresence_system_softwareMatch1.6.4
ORciscotelepresence_system_softwareMatch1.6.4\(4072\)
ORciscotelepresence_system_softwareMatch1.6.5
ORciscotelepresence_system_softwareMatch1.6.5\(4097\)
ORciscotelepresence_system_softwareMatch1.6.6
ORciscotelepresence_system_softwareMatch1.6.6\(4109\)
ORciscotelepresence_system_softwareMatch1.6.7
ORciscotelepresence_system_softwareMatch1.6.7\(4212\)
ORciscotelepresence_system_softwareMatch1.6.8
ORciscotelepresence_system_softwareMatch1.6.8\(4222\)
ORciscotelepresence_system_softwareMatch1.7.0.1\(4764\)
ORciscotelepresence_system_softwareMatch1.7.0.2\(4719\)
ORciscotelepresence_system_softwareMatch1.7.1\(4864\)
ORciscotelepresence_system_softwareMatch1.7.2\(4937\)
ORciscotelepresence_system_softwareMatch1.7.2.1\(2\)
ORciscotelepresence_system_softwareMatch1.7.4\(270\)
ORciscotelepresence_system_softwareMatch1.7.5\(42\)
ORciscotelepresence_system_softwareMatch1.7.6\(4\)
ORciscotelepresence_system_softwareMatch1.8.0\(55\)
ORciscotelepresence_system_softwareMatch1.8.1\(34\)
ORciscotelepresence_system_softwareMatch1.8.2\(11\)
ORciscotelepresence_system_softwareMatch1.8.3\(4\)
ORciscotelepresence_system_softwareMatch1.9.0\(46\)
ORciscotelepresence_system_softwareMatch1.9.0.1\(3\)
ORciscotelepresence_system_softwareMatch1.9.1\(68\)
ORciscotelepresence_system_softwareMatch1.9.2
ORciscotelepresence_system_softwareMatch1.9.3
ORciscotelepresence_system_softwareMatch1.9.4
ORciscotelepresence_system_softwareMatch1.9.5
ORciscotelepresence_system_softwareMatch1.9.6
ORciscotelepresence_system_softwareMatch1.10.0
ciscotelepresence_system_1300Match-
ORciscotelepresence_system_1300-65Match-
ORciscotelepresence_system_3000
ORciscotelepresence_system_3010
ORciscotelepresence_system_3200
ORciscotelepresence_system_3210
ORciscotelepresence_system_500-32Match-
ORciscotelepresence_system_500-37Match-
Related
prion
prion
Default credentials
2013-08-08 14:55:00
cisco
cisco
Cisco TelePresence System Default Credentials Vulnerability
2013-08-07 16:00:00
nvd
nvd
CVE-2013-3454
2013-08-08 14:55:08
cvelist
cvelist
CVE-2013-3454
2022-10-03 16:14:45
securityvulns
securityvulns
Cisco TelePresence security vulnerabilities
2013-08-12 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.0%
Related for CVE-2013-3454