Vulnerabilities > CVE-2011-1623 - Credentials Management vulnerability in Cisco products

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

cisco

CWE-255

critical

NVD

Published: 2011-06-02

Updated: 2017-08-17

Summary

Cisco Media Processing Software before 1.2 on Media Experience Engine (MXE) 5600 devices has a default root password, which makes it easier for context-dependent attackers to obtain access via (1) the local console, (2) an SSH session, or (3) a TELNET session, aka Bug ID CSCto77737.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Media Processing Software 1.0.0 Cisco Media Processing Software 1.0.1 Cisco Media Processing Software 1.1.0 Cisco Media Processing Software 1.1.1 Cisco Media Processing Software *	5
Hardware	Cisco Cisco Media Experience Engine 5600 *	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References