Lucene search
CiscoCVE-2014-0709HistoryFeb 22, 2014 - 9:55 p.m.
CVE-2014-0709
2014-02-2221:55:09
CWE-255
cisco
web.nvd.nist.gov
24
cisco
ucs director
cloupia
vulnerability
hardcoded password
remote access
ssh
bug id
cscui73930
nvd
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7
Confidence
Low
EPSS
0.004
Percentile
73.4%
Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930.
Affected configurations
Node
ciscoucs_directorRange≤4.0.0.2
ORciscoucs_directorMatch4.0.0.0
ORciscoucs_directorMatch4.0.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | ucs_director | * | cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:* |
| cisco | ucs_director | 4.0.0.0 | cpe:2.3:a:cisco:ucs_director:4.0.0.0:*:*:*:*:*:*:* |
| cisco | ucs_director | 4.0.0.1 | cpe:2.3:a:cisco:ucs_director:4.0.0.1:*:*:*:*:*:*:* |
Related
securityvulns
securityvulns
Cisco UCS Director default credentials
2014-03-20 00:00:00
cvelist
cvelist
CVE-2014-0709
2014-02-22 21:00:00
cisco
cisco
Cisco UCS Director Default Credentials Vulnerability
2014-02-19 16:00:00
prion
prion
Hardcoded credentials
2014-02-22 21:55:00
nvd
nvd
CVE-2014-0709
2014-02-22 21:55:09
seebug
seebug
Cisco Unified Computing System Director默认验证凭据安全绕过漏洞
2014-02-21 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7
Confidence
Low
EPSS
0.004
Percentile
73.4%
Related for CVE-2014-0709