Vulnerabilities > CVE-2003-1457 - Configuration vulnerability in Auerswald Comsuite CTI Controlcenter 3.1

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

auerswald

CWE-16

NVD

Published: 2003-12-31

Updated: 2017-07-29

Summary

Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access.

Vulnerable Configurations

Part	Description	Count
Application	Auerswald Auerswald Comsuite CTI Controlcenter 3.1	1

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

References

http://securityreason.com/securityalert/3282
http://www.securityfocus.com/archive/1/319946
http://www.securityfocus.com/bid/7458
https://exchange.xforce.ibmcloud.com/vulnerabilities/11923