Vulnerabilities > CVE-2010-0570 - Credentials Management vulnerability in Cisco Digital Media Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378. Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml "Default Credentials Cisco DMM versions 5.0.x and 5.1.x are affected by this vulnerability. Cisco DMM versions 4.x are not vulnerable"
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Common Weakness Enumeration (CWE)
References
- http://secunia.com/advisories/38800
- http://securitytracker.com/id?1023671
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml
- http://www.securityfocus.com/bid/38503
- http://www.vupen.com/english/advisories/2010/0531
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56634