CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
88.9%
Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | netflow_collection_engine | 1.0 | cpe:2.3:a:cisco:netflow_collection_engine:1.0:*:*:*:*:*:*:* |
cisco | netflow_collection_engine | 2.0 | cpe:2.3:a:cisco:netflow_collection_engine:2.0:*:*:*:*:*:*:* |
cisco | netflow_collection_engine | 3.0 | cpe:2.3:a:cisco:netflow_collection_engine:3.0:*:*:*:*:*:*:* |
cisco | netflow_collection_engine | 3.5 | cpe:2.3:a:cisco:netflow_collection_engine:3.5:*:*:*:*:*:*:* |
cisco | netflow_collection_engine | 3.6 | cpe:2.3:a:cisco:netflow_collection_engine:3.6:*:*:*:*:*:*:* |
cisco | netflow_collection_engine | 4.0 | cpe:2.3:a:cisco:netflow_collection_engine:4.0:*:*:*:*:*:*:* |
cisco | netflow_collection_engine | 5.0 | cpe:2.3:a:cisco:netflow_collection_engine:5.0:*:*:*:*:*:*:* |
cisco | netflow_collection_engine | 5.0.3 | cpe:2.3:a:cisco:netflow_collection_engine:5.0.3:*:*:*:*:*:*:* |