CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | prime_network_registrar | 8.1.3.3 | cpe:2.3:a:cisco:prime_network_registrar:8.1.3.3:*:*:*:*:*:*:* |
cisco | prime_network_registrar | 8.2.3 | cpe:2.3:a:cisco:prime_network_registrar:8.2.3:*:*:*:*:*:*:* |
cisco | prime_network_registrar | 8.3.2 | cpe:2.3:a:cisco:prime_network_registrar:8.3.2:*:*:*:*:*:*:* |