Vulnerabilities > CVE-2008-6577 - Credentials Management vulnerability in Nortel Cs1000 4.50

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

nortel

CWE-255

critical

NVD

Published: 2009-04-01

Updated: 2017-08-17

Summary

Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges.

Vulnerable Configurations

Part	Description	Count
Hardware	Nortel Nortel Cs1000 4.50	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://osvdb.org/44374
http://secunia.com/advisories/29747
http://securitytracker.com/id?1019848
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455
http://www.securityfocus.com/bid/28691
http://www.voipshield.com/research-details.php?id=14
https://exchange.xforce.ibmcloud.com/vulnerabilities/41802