Vulnerabilities > CVE-2011-0354 - Credentials Management vulnerability in Cisco products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Tandberg E & EX & C Series Endpoints - Default Credentials for Root Account. CVE-2011-0354. Remote exploit for hardware platform |
| file | exploits/hardware/remote/16100.txt |
| id | EDB-ID:16100 |
| last seen | 2016-02-01 |
| modified | 2011-02-02 |
| platform | hardware |
| port | |
| published | 2011-02-02 |
| reporter | Cisco Security |
| source | https://www.exploit-db.com/download/16100/ |
| title | Tandberg E & EX & C Series Endpoints - Default Credentials for Root Account |
| type | remote |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:70658 |
| last seen | 2017-11-19 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-70658 |
| title | Tandberg E, EX and C Series Endpoints Default Credentials for Root Account |
References
- http://secunia.com/advisories/43158
- http://securityreason.com/securityalert/8060
- http://securitytracker.com/id?1025017
- http://tools.cisco.com/security/center/viewAlert.x?alertId=22314
- http://www.cisco.com/en/US/products/ps11422/products_security_advisory09186a0080b69541.shtml
- http://www.exploit-db.com/exploits/16100
- http://www.kb.cert.org/vuls/id/436854
- http://www.securityfocus.com/bid/46107